GraphRunner is a collection of post-exploitation PowerShell modules for interacting with the Microsoft Graph API. It provides modules for enumeration, exfiltration, persistence, and more!
The post GraphRunner Cheatsheet appeared first on Black Hills Information Security, Inc..
By Beau Bullock & Steve Borosh TL;DR We built a post-compromise toolset called GraphRunner for interacting with the Microsoft Graph API. It provides various tools for performing reconnaissance, persistence, and [β¦]
The post Introducing GraphRunner: A Post-Exploitation Toolset for Microsoft 365 appeared first on Black Hills Information Security, Inc..
Why is blockchain security important? Blockchain usage has exploded since the Bitcoin whitepaper was first published in 2008. Many applications rely on this technology for increased trust and privacy, where [β¦]
The post Webcast: Getting Started in Blockchain Security and Smart Contract Auditing appeared first on Black Hills Information Security, Inc..
In this Black Hills Information Security (BHIS) webcast, you will learn tools and techniques for performing penetration tests against Microsoft Azure environments. Increasingly, more organizations are migrating resources to being [β¦]
The post Webcast: Getting Started in Pentesting The Cloud: Azure appeared first on Black Hills Information Security, Inc..
Beau Bullock // Overview On offensive engagements, such as penetration tests and red team assessments, I have been seeing inconsistencies in how MFA is applied to the various Microsoft services. [β¦]
The post Exploiting MFA Inconsistencies on Microsoft Services appeared first on Black Hills Information Security, Inc..
Beau Bullock // TL;DR Check-LocalAdminHash is a new PowerShell script that can check a password hash against multiple hosts to determine if itβs a valid administrative credential. It also has [β¦]
The post Check-LocalAdminHash & Exfiltrating All PowerShell History appeared first on Black Hills Information Security, Inc..
Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester [β¦]
The post Podcast: Weaponizing Corporate Intel. This Time, Itβs Personal! appeared first on Black Hills Information Security, Inc..
Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester [β¦]
The post Webcast: Weaponizing Corporate Intel. This Time, Itβs Personal! appeared first on Black Hills Information Security, Inc..
Take a good look at Bitcoin right nowβ¦ these are the unlucky ones. These are the unfortunate souls who jumped on another overinflated balloon. But, does this Bitcoin crash completely [β¦]
The post BHIS Podcast: Blockchain and You! InfoSec Edition appeared first on Black Hills Information Security, Inc..
Take a good look at Bitcoin right nowβ¦ these are the unlucky ones. These are the unfortunate souls who jumped on another overinflated balloon. But, does this Bitcoin crash completely [β¦]
The post BHIS Webcast: Blockchain and You! InfoSec Edition appeared first on Black Hills Information Security, Inc..
For this podcast we cover a couple of different topics. First, we talk about how to password spray in a non-attributable sort of way. Beau found a way to obfuscate [β¦]
The post PODCAST: RDP Logging Bypass and Azure Active Directory Recon appeared first on Black Hills Information Security, Inc..
For this webcast we cover a couple of different topics. First, we talk about how to password spray in a non-attributable sort of way. Beau found a way to obfuscate [β¦]
The post WEBCAST: RDP Logging Bypass and Azure Active Directory Recon appeared first on Black Hills Information Security, Inc..
Join Beau Bullock and Mike Felch as they talk about ways to learn more, network and wake up your inner hacker. See the full episode hereΒ and look at the slides [β¦]
The post PODCAST: Highly Caffeinated InfoSec appeared first on Black Hills Information Security, Inc..
Beau Bullock & Mike Felch// Ways to Learn More, Network, and Wake Up Your Inner Hacker Whether you are brand new to InfoSec or a skilled veteran there are ways [β¦]
The post WEBCAST: Highly Caffeinated InfoSec appeared first on Black Hills Information Security, Inc..
Special guest Lee Kagan from RedBlack Security talks about his script, his previous guest posts and the future of C2 with Beau Bullock and Sierra. Check out these links: How [β¦]
The post PODCAST: Lee Kagan & Beau Bullock talk C2 appeared first on Black Hills Information Security, Inc..
Beau Bullock// Overview This blog post is meant to serve as a basic introduction to the world of cryptocurrencies. With cryptocurrencies making their way into mainstream news outlets I am [β¦]
The post Intro to Cryptocurrency and How to Secure Your Coins appeared first on Black Hills Information Security, Inc..
Mike Felch and Beau Bullock// Cryptocurrency conversations are everywhere you look! Mike Felch and Beau Bullock were so interested they started their own podcast about the topic. Weβre excited to [β¦]
The post WEBCAST: A Look Into Emerging Security Issues Within Cryptocurrency Ecosystems appeared first on Black Hills Information Security, Inc..
Beau Bullock & Michael Felch // Source:Β https://chrome.google.com/webstore/detail/google-calendar-by-google/gmbgaklkmjakoegficnlkhebmhkjfich Overview Google Calendar is one of the many features provided to those who sign up for a Google account along with other popular [β¦]
The post Google Calendar Event Injection with MailSniper appeared first on Black Hills Information Security, Inc..
Beau Bullock, Brian Fehrman, & Derek Banks // Pentesting organizations as your day-to-day job quickly reveals commonalities among environments. Although each test is a bit unique, thereβs a typical path [β¦]
The post WEBCAST: CredDefense Toolkit appeared first on Black Hills Information Security, Inc..
Login