The new year has begun, and as a penetration tester at Black Hills Information Security, one thing really struck me as I reflected on 2023: a concerningly large number of […]

The post Revisiting Insecure Direct Object Reference (IDOR) appeared first on Black Hills Information Security, Inc..

Melissa Bruno // One of the best early steps to take when testing a network, especially a large one, is to run the tool EyeWitness to gain a quick understanding […]

The post For Web Content Discovery, Who You Gonna Call? Gobuster! appeared first on Black Hills Information Security, Inc..

Melissa Bruno // So you have an Internet-facing DNS server. Maybe you decided to set one up at home for fun, or your company has one that works with other […]

The post Do You Know If Your DNS Server Can Be Used For DDoS Attacks? appeared first on Black Hills Information Security, Inc..