
Spamming Microsoft 365 Like It’s 1995 

I previously blogged about spoofing Microsoft 365 using the direct send feature enabled by default when creating a business 365 Exchange Online instance (https://www.blackhillsinfosec.com/spoofing-microsoft-365-like-its-1995/). Using the direct send feature, it […]

The post Spamming Microsoft 365 Like It’s 1995 appeared first on Black Hills Information Security, Inc.

OSINT for Incident Response (Part 1)

Being a digital forensics and incident response consultant is largely about unanswered questions. When we engage with a client, they know something bad happened or is happening, but they are […]


The Simplest and Last Internet-Only ACL You’ll Ever Need 

tl;dr Implement this ACL using whatever network gear, cloud ACL config, or uncomplicated firewall you use to protect your networks. Our IoT devices are on 10.99.99.0/24 for this example. Also, […]


Unpacking the Packet: Demystifying the Internet Protocol

The internet is a product of a global group effort to build an interoperable network connecting billions of devices, regardless of country, region, or manufacturer. That effort yielded hundreds of […]


Abusing Active Directory Certificate Services (Part 3)

Alyssa Snow // In PART ONE and PART TWO of this blog series, we discussed common misconfigurations of Active Directory certificate templates. In this post, we will walk through exploitation […]


Rotating Your Passwords After a Password Manager Breach

Ethan Robish // It’s been nearly a year since LastPass was breached and users’ encrypted vaults were stolen. I had already migrated to a different password manager for all my […]


Introducing GraphRunner: A Post-Exploitation Toolset for Microsoft 365

Beau Bullock & Steve Borosh // TL;DR We built a post-compromise toolset called GraphRunner for interacting with the Microsoft Graph API. It provides various tools for performing reconnaissance, persistence, and […]


Stop Phishing Yourself: How Auto-Forwarding and Exchange Contacts Can Stab You in the Back

Hayden Covington // Phishing is an ever-present threat, but lately, user education and spam filters have helped mitigate some of that threat. But what happens when a phish makes it […]


Wrangling the M365 UAL with SOF-ELK and CSV Data (Part 3 of 3)

Patterson Cake // In part one of “Wrangling the M365 UAL,” we talked about acquiring, parsing, and querying UAL data using PowerShell and SOF-ELK. In part […]


Wrangling the M365 UAL with SOF-ELK on EC2 (Part 2 of 3)

Patterson Cake // In PART 1 of “Wrangling the M365 UAL,” we talked about the value of the Unified Audit Log (UAL), some of the challenges associated with acquisition, parsing, […]


Wrangling the M365 UAL with PowerShell and SOF-ELK (Part 1 of 3)

Patterson Cake // When it comes to M365 audit and investigation, the “Unified Audit Log” (UAL) is your friend. It can be surly, obstinate, and wholly inadequate, but your friend […]


Welcome to Shark Week: A Guide for Getting Started with Wireshark and TShark

Troy Wojewoda // In honor of Shark Week, I decided to write this blog to demonstrate various techniques I’ve found useful when analyzing network traffic with Wireshark, as well as […]


If You Don’t Ruse, You Lose: A Simple Guide to Blending in While Breaking In 

Joseph Kingstone // Are you assigned a physical penetration test and want to fly under the radar and meet all of your objectives like the elite hacker you are? Stick around […]


Shenetworks Recommends: 9 Must Watch BHIS YouTube Videos

shenetworks // The Black Hills Information Security YouTube channel has over 400 videos available. Over the past year, I have attended many webcasts and explored plenty of the videos. I […]


Genymotion – Proxying Android App Traffic Through Burp Suite | Cameron Cartier

Mobile App Testing is a category showing no signs of slowing down. In this video, BHIS tester Cameron Cartier walks us through linking Genymotion to Burp Suite for traffic monitoring. […]

