Whether it's forgotten temporary files, installation artifacts, READMEs, or even simple image files--default content on web servers can turn into a boon for attackers. In the most innocent of cases, these types of content can let attackers know more about the tech stack of the environment, and in the worst case scenario can lead to exploitation.
The post Default Web Content appeared first on Black Hills Information Security, Inc..
Organizations tend to focus a significant amount of their efforts on external threats, such as phishing and ransomware, but they often overlook one of the most dangerous attack vectors on their internal networks.Β
The post Commonly Abused Administrative Utilities: A Hidden Risk to Enterprise SecurityΒ appeared first on Black Hills Information Security, Inc..
An Infosec Survival Guide Resource, released as blog posts, with fully designed, printer-friendly PDF cheatsheets.
The post Offensive Tooling Cheatsheets: An Infosec Survival Guide Resource appeared first on Black Hills Information Security, Inc..
DNS Triage is a reconnaissance tool that finds information about an organization's infrastructure, software, and third-party services as fast as possible. The goal of DNS Triage is not to exhaustively find every technology asset that exists on the internet. The goal is to find the most commonly abused items of interest for real attackers.
The post DNS Triage Cheatsheet appeared first on Black Hills Information Security, Inc..
CredMaster is a tool that facilitates password guessing attacks against common targets. It is designed with evasion and anti-detection capabilities and uses AWS APIs to rotate IP addresses for each guess.
The post CredMaster Cheatsheet appeared first on Black Hills Information Security, Inc..
GraphRunner is a collection of post-exploitation PowerShell modules for interacting with the Microsoft Graph API. It provides modules for enumeration, exfiltration, persistence, and more!
The post GraphRunner Cheatsheet appeared first on Black Hills Information Security, Inc..
Burp Suite is an intercepting HTTP proxy that can also scan a web-based service for vulnerabilities. A tool like this is indispensable for testing web applications. Burp Suite is written in Java and comes bundled with a JVM, so it works on any operating system you're likely to use.
The post Burp Suite Cheatsheet appeared first on Black Hills Information Security, Inc..
Impacket is an extremely useful tool for post exploitation. It is a collection of Python scripts that provides low-level programmatic access to the packets and for some protocols, such as DCOM, Kerberos, SMB1, and MSRPC, the protocol implementation itself.
The post Impacket Cheatsheet appeared first on Black Hills Information Security, Inc..
Wireshark is an incredible tool used to read and analyze network traffic coming in and out of an endpoint. Additionally, it can load previously captured traffic to assist with troubleshooting network issues or analyze malicious traffic to help determine what a threat actor is doing on your network.
The post Wireshark Cheatsheet appeared first on Black Hills Information Security, Inc..
Hashcat is a powerful tool for recovering lost passwords, and, thanks to GPU acceleration, itβs one of the fastest. It works by rapidly trying different password guesses to determine the original password from its scrambled (hashed) version.
The post Hashcat Cheatsheet appeared first on Black Hills Information Security, Inc..
Offensive Purpose:Β Efficient way to gather info about web services & their hosting infrastructure. Automates taking screenshots for quick & easy review.
The post EyeWitness Cheatsheet appeared first on Black Hills Information Security, Inc..
Nmap is a powerful open-source tool commonly used by system/network administrators and security professionals to perform network discovery, security auditing, and basic vulnerability assessment.
The post Nmap Cheatsheet appeared first on Black Hills Information Security, Inc..
Netcat is a network utility tool that has earned the nickname "The Swiss Army Knife" of networking. It can be used for file transfers, chat/messaging between systems, port scanning, and much more.
The post Netcat (nc) CheatsheetΒ appeared first on Black Hills Information Security, Inc..
Nmap, also known as Network Mapper, is a commonly used network scanning tool. As penetration testers, Nmap is a tool we use daily that is indispensable for verifying configurations and identifying potential vulnerabilities.
The post Vulnerability Scanning with NmapΒ appeared first on Black Hills Information Security, Inc..
Engaging with the C-suite is not just about addressing security concerns or defending budget requests. It's about establishing and maintaining an ongoing discussion that aims to align security objectives with the interests of the business.Β Β
The post Communicating Security to the C-Suite: A Strategic ApproachΒ appeared first on Black Hills Information Security, Inc..
This article was originally published in the SOC Issue of our PROMPT# zine, which you can read for free HERE. The information was adapted from the 2018 webcast βJohn Strandβs [β¦]
The post John Strandβs 5 Phase Plan For Starting in Computer Security appeared first on Black Hills Information Security, Inc..
Answered by Chris Brenton of Active Countermeasures | Questions compiled from the infosec community by Shelby Perry This article was originally published in the Threat Hunting issue of our infosec [β¦]
The post Questions From a Beginner Threat Hunter appeared first on Black Hills Information Security, Inc..
In todayβs world, security is more important than ever. As organizations increasingly rely on technology to drive business, digital threats are becoming more sophisticated, varied, and difficult to defend against. [β¦]
The post What Is Penetration Testing? appeared first on Black Hills Information Security, Inc..
A lot of emphasis and focus is put on the investigative part of SOC work, with the documentation and less glamorous side of things brushed under the rug. One such [β¦]
The post Clear, Concise, and Comprehensive: The Formula for Great SOC Tickets appeared first on Black Hills Information Security, Inc..
By Erik Goldoff, Ray Van Hoose, and Max Boehner || Guest Authors This post is comprised of 3 articles that were originally published in the second edition of the InfoSec [β¦]
The post Blue Team, Red Team, and Purple Team: An Overview appeared first on Black Hills Information Security, Inc..
Login