Getting Started with NetExec: Streamlining Network Discovery and Access

One tool that I can't live without when performing a penetration test in an Active Directory environment is called NetExec. Being able to efficiently authenticate against multiple systems in the network is crucial, and NetExec is an incredibly powerful tool that helps automate a lot of this activity.

The post Getting Started with NetExec: Streamlining Network Discovery and Access appeared first on Black Hills Information Security, Inc.

  •  

How to Build a Pentest Robot With Selenium IDE

Have you ever been on a pentest and thought to yourself, “I wish I had a robot to do this testing for me right now cuz this is just too much work”?

The post How to Build a Pentest Robot With Selenium IDE appeared first on Black Hills Information Security, Inc.

  •  

PNPT: Certification Review

Daniel Pizarro // What is the PNPT? The Practical Network Penetration Tester (PNPT), created by TCM Security (TCMS), is a 5-day ethical hacking certification exam that assesses a pentester’s ability […]

The post PNPT: Certification Review appeared first on Black Hills Information Security, Inc.

  •  

Podcast: Passwords: You Are the Weakest Link

Why are companies still recommending an 8-character password minimum? Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend […]

The post Podcast: Passwords: You Are the Weakest Link appeared first on Black Hills Information Security, Inc.

  •  

Webcast: Passwords: You Are the Weakest Link

Why are companies still recommending an 8-character password minimum? Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend […]

The post Webcast: Passwords: You Are the Weakest Link appeared first on Black Hills Information Security, Inc.

  •  

Passwords: Our First Line of Defense

Darin Roberts // “Why do you recommend a 15-character password policy when (name your favorite policy here) recommends only 8-character minimum passwords?” I have had this question posed to me […]

The post Passwords: Our First Line of Defense appeared first on Black Hills Information Security, Inc.

  •  

Podcast: Weaponizing Corporate Intel. This Time, It’s Personal!

Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester […]

The post Podcast: Weaponizing Corporate Intel. This Time, It’s Personal! appeared first on Black Hills Information Security, Inc.

  •  

Webcast: Attack Tactics 5 – Zero to Hero Attack

Timecode links take you to YouTube: 4:11 – Infrastructure & Background; 8:28 – Overview & Breakdown of Attack Methodology and Plans; 11:35 – Start of Attack (Gaining Access), Password Spraying Toolkit; 15:24 – […]

The post Webcast: Attack Tactics 5 – Zero to Hero Attack appeared first on Black Hills Information Security, Inc.

  •  

How To Rotate Your Source IP Address

Darin Roberts// IP-Go-Round – Source IP Rotation I was on an engagement recently that was blocking my password sprays based on my IP address. If I made 3 incorrect requests […]

The post How To Rotate Your Source IP Address appeared first on Black Hills Information Security, Inc.

  •  

I Spy with InSpy v3.0

Darin Roberts// Early in 2018 I wrote a blog about InSpy. InSpy is a great reconnaissance tool that gathers usernames from LinkedIn. My first blog can be found here. A […]

The post I Spy with InSpy v3.0 appeared first on Black Hills Information Security, Inc.

  •  

Wide-Spread Local Admin Testing

Brian Fehrman // In our experience, we see many Windows environments in which the local Administrator password is the same for many machines. We refer to this as Wide-Spread Local […]

The post Wide-Spread Local Admin Testing appeared first on Black Hills Information Security, Inc.

  •  

Password Spraying & Other Fun with RPCCLIENT

Joff Thyer // Many of us in the penetration testing community are used to scenarios whereby we land a targeted phishing campaign within a Windows enterprise environment and have […]

The post Password Spraying & Other Fun with RPCCLIENT appeared first on Black Hills Information Security, Inc.

  •  

Asterisk SIP Server, From “Info” to “Ouch”

Carrie Roberts // I learned some new stuff that will make me pay attention to “Asterisk Detection” Nessus informational findings in the future . . . On an external network […]

The post Asterisk SIP Server, From “Info” to “Ouch” appeared first on Black Hills Information Security, Inc.

  •  