Kayla Mackiewicz // Last year, fellow tester Jordan Drysdale wrote a blog post about Cisco’s Smart Install feature. His blog post can be found here. If this feature is enabled […]

The post How to Use CCAT: An Analysis Tool for Cisco Configuration Files appeared first on Black Hills Information Security, Inc..

Darin Roberts// Early in 2018 I wrote a blog about InSpy. InSpy is a great reconnaissance tool that gathers usernames from LinkedIn. My first blog can be found here. A […]

The post I Spy with InSpy v3.0 appeared first on Black Hills Information Security, Inc..

Darin Roberts// Do you ever find yourself on an engagement and need just a few more names with which to conduct a password spray? Everyone knows the more emails you have, […]

The post I Spy with InSpy appeared first on Black Hills Information Security, Inc..

Beau Bullock, Brian Fehrman, & Derek Banks // Pentesting organizations as your day-to-day job quickly reveals commonalities among environments. Although each test is a bit unique, there’s a typical path […]

The post WEBCAST: CredDefense Toolkit appeared first on Black Hills Information Security, Inc..

Derek Banks // I want to expand on our previous blog post on consolidated endpoint event logging and use Windows Event Forwarding and live off the Microsoft land for shipping […]

The post End-Point Log Consolidation with Windows Event Forwarder appeared first on Black Hills Information Security, Inc..

Brian King // On a recent webapp test, I got a little frustrated with all the extra HTTP requests showing up in my Burpsuite Proxy History from connections that Firefox […]

The post Towards a Quieter Firefox appeared first on Black Hills Information Security, Inc..

Carrie Roberts // EyeWitness is a handy tool developed by Chris Truncer for grabbing web browser screenshots from a list of URLs. Especially handy for pen-testers is its ability to create […]

The post Web Server Screenshots with a Single Command appeared first on Black Hills Information Security, Inc..

Beau Bullock // Overview HostRecon is a tool I wrote in PowerShell to assist with quickly enumerating a number of items that I would typically check after gaining access to […]

The post HostRecon: A Situational Awareness Tool appeared first on Black Hills Information Security, Inc..

John Strand // Want to get started on a hunt team and discover “bad things” on your network? In this webcast, we will walk through the installation and usage of […]

The post WEBCAST: RITA appeared first on Black Hills Information Security, Inc..

Check out Carrie’s demo of her DPAT, and if you missed her blog, check that out here.

The post WEBCAST: Demo of Domain Password Audit Tool appeared first on Black Hills Information Security, Inc..

Carrie Roberts // A tool to generate password usage statics in a Windows domain based on hashes dumped from a domain controller. The Domain Password Audit Tool (DPAT) is a […]

The post Domain Password Audit Tool appeared first on Black Hills Information Security, Inc..

Jordan Drysdale // As I wander through life, in what now seems like a world gone entirely mad, disconnecting from digital is my newest hobby. Information overload constantly smashes us […]

The post Reminders – Simple Security and Finding Sanity In the Digital Age appeared first on Black Hills Information Security, Inc..