ImposterKeanu // Introduction  This blog post introduces the reader to “The Obfuscation Hustle”, a term I enjoy using to describe the tedious process of obfuscating and delivering files to corporate […]

The post Evasive File Smuggling with Skyhook  appeared first on Black Hills Information Security, Inc..

Justin Angel // Penetration testing and red team engagements often require operators to collect user information from various sources that can then be translated into inputs to support social engineering […]

The post Collecting and Crafting User Information from LinkedIn appeared first on Black Hills Information Security, Inc..

Click on the timecodes to jump to that part of the video (on YouTube) 2:26 Introduction, background history covering LaBrea Tar Pits and ARP Cache Poisoning and how they relate […]

The post Webcast: How to attack when LLMNR, mDNS, and WPAD attacks fail – eavesarp (Tool Overview) appeared first on Black Hills Information Security, Inc..

Justin Angel// Introduction In penetration testing, ARP is most commonly discussed in terms of poisoning attacks where an attacker achieves a man-in-the-middle (MITM) position between victim nodes by contaminating the […]

The post Analyzing ARP to Discover & Exploit Stale Network Address Configurations appeared first on Black Hills Information Security, Inc..