In Part 2, weβre diving headfirst into one of the most critical attack surfaces in the LLM ecosystem - Prompt Injection: The AI version of talking your way past the bouncer.
The post Getting Started with AI Hacking Part 2: Prompt Injection appeared first on Black Hills Information Security, Inc..
You may have read some of our previous blog posts on Artificial Intelligence (AI). We discussed things like using PyRIT to help automate attacks. We also covered the dangers of [β¦]
The post Getting Started with AI Hacking: Part 1 appeared first on Black Hills Information Security, Inc..
RAG connects pre-trained LLMs with current data sources. Moreover, a RAG system can use many data sources.
The post Avoiding Dirty RAGs: Retrieval-Augmented Generation with Ollama and LangChain appeared first on Black Hills Information Security, Inc..
Many people have heard of ChatGPT, Gemini, Bart, Claude, Llama, or other artificial intelligence (AI) assistants at this point. These are all implementations of what are known as large language [β¦]
The post Pitting AI Against AI: Using PyRIT to Assess Large Language Models (LLMs)Β appeared first on Black Hills Information Security, Inc..
Brian Fehrman // Many of you have likely heard of Domain Fronting. Domain Fronting is a technique that can allow your C2 traffic to blend in with a targetβs traffic [β¦]
The post Using CloudFront to Relay Cobalt Strike Traffic appeared first on Black Hills Information Security, Inc..
Brian Fehrman// Microsoft Lync servers have been a staple of my external engagements for the past six months or so. I have found a Lync server on all of those [β¦]
The post PSA: Itβs 10PM, Do You Know Where Your Lync Servers Are? appeared first on Black Hills Information Security, Inc..
Brian Fehrman // In a previous post, titled PowerShell without PowerShell, we showed you how you can bypass Application Whitelisting Software (AWS), PowerShell restrictions/monitoring, and Command Prompt restrictions. In some [β¦]
The post PowerShell w/o PowerShell Simplified appeared first on Black Hills Information Security, Inc..
Brian Fehrman // Privilege escalation is a common goal for threat actors after they have compromised a system. Having elevated permissions can allow for tasks such as: extracting local password-hashes, [β¦]
The post Digging Deeper into Vulnerable Windows Services appeared first on Black Hills Information Security, Inc..
Derek Banks, Beau Bullock, & Brian Fehrman // Our clients often ask how they could have detected and prevented the post-exploitation activities we used in their environment to gain elevated [β¦]
The post The CredDefense Toolkit appeared first on Black Hills Information Security, Inc..
Brian Fehrman // Running into environments where the use of PowerShell is being monitored or is just flat-out disabled? Have you tried out the fantastic PowerOps framework but are wishing [β¦]
The post WEBCAST: A Powerful New Tool β PowerLine! appeared first on Black Hills Information Security, Inc..
Brian Fehrman // Youβve sent your phishing ruse, the target has run the Meterpreter payload, and you have shell on their system. Now what? If you follow our blogs, you [β¦]
The post How to Use Nmap with Meterpreter appeared first on Black Hills Information Security, Inc..
Brian Fehrman // Someone recently posed a question to BHIS about creating C2 channels in environments where heavily restrictive egress filtering is being utilized. Testers at BHIS, and in the [β¦]
The post How to Bypass Web-Proxy Filtering appeared first on Black Hills Information Security, Inc..
Brian FehrmanΒ // As described in my last blog post,Β Powershell Without Powershell β How To Bypass Application Whitelisting, Environment Restrictions & AVΒ (sheeeshβ¦itβs been a bit!), we are seeing more environments in [β¦]
The post Power Posing with PowerOPS appeared first on Black Hills Information Security, Inc..
Brian FehrmanΒ (With shout outs to:Β Kelsey Bellew, Beau Bullock)Β // In a previous blog post, we talked about bypassing AV and Application Whitelisting by using a method developed by Casey Smith. In [β¦]
The post Powershell Without Powershell β How To Bypass Application Whitelisting, Environment Restrictions & AV appeared first on Black Hills Information Security, Inc..
Brian Fehrman // In our experience, we see many Windows environments in which the local Administrator password is the same for many machines. We refer to this as Wide-Spread Local [β¦]
The post Wide-Spread Local Admin Testing appeared first on Black Hills Information Security, Inc..
Brian Fehrman // There are numerous methods that have been published to bypass Anti-Virus products. As a result, many companies are beginning to realize that application whitelisting is another tool [β¦]
The post How to Bypass Application Whitelisting & AV appeared first on Black Hills Information Security, Inc..
Brian Fehrman // External and Internal vulnerability scans are often part of any penetration test. Automated scanning tools, however, canβt always find the βgood stuff.β Many times, some of the [β¦]
The post EyeWitness and Why It Rocks appeared first on Black Hills Information Security, Inc..
Brian Fehrman //
The post How To Modify Empire Macro to Bypass Mail Filters appeared first on Black Hills Information Security, Inc..
Login