So much information about testing webapps for security problems is old. Don’t get me wrong, the old stuff still works way more often than we’d like, but there’s more to webapp vulnerabilities than cross-site scripting and SQL injection. Take JWTs – JSON Web Tokens – for example. These are base64 encoded tokens that sometimes get written to your browser’s localStorage or sessionStorage and passed around in cookies or HTTP headers. They’re pretty common in authentication and authorization logic fo...
Jun 29, 2020•56 min•Ep. 1
Joff Thyer has dove into everything that is IPv6 and has so much to share about it. He gets really technical but in a way you’ll be able to understand. Google reports that over 30% of their systems access comes via the IPv6 protocol coming into 2020. Many Internet Service Providers have no remaining choice but to deploy IPv6 for simple lack of v4 address resources. The global Internet can already be thought of as balkanized into a split IPv4/IPv6 world based on historical v4 allocation. There wi...
Jun 24, 2020•59 min•Ep. 1
Join us in the Black Hills InfoSec Discord server to keep the security conversation going! https://discord.gg/bhis Reach out to Black Hills Infosec if you need pentesting, threat hunting, ACTIVE SOC, incident response, or blue team services: https://www.blackhillsinfosec.com In this Black Hills Information Security webcast John breakdowns why he hates threat intelligence... Again... But, he breaks down some of the cool new projects that are focusing on durable threat intelligence. This is key, b...
Jun 22, 2020•1 hr 13 min•Ep. 1
Kent and Jordan are back to continue their journey to make the world a better place. This time around, they will be reviewing a series of tools commonly used on pentests to identify flaws in Active Directory and general network design and implementation. You’ve probably heard of most of them, like BloodHound, ADExplorer, mimikatz…, wait, Mimikatz as a Blue Team? Yeah, it might be a bit of a stretch, but they’ll get there. Even better, with an introduction to various adversarial simulation framew...
Jun 08, 2020•1 hr 1 min•Ep. 1
Job hunting? Looking for a career change? Still in college and want to know how to get started now in your career? If you answered yes to any of these questions, this might be the BHIS webcast for you. This webcast is an update to Jason’s popular recorded DerbyCon 2016 talk — How to Social Engineer Your Way Into Your Dream Job. If you don’t want to wait, you can watch that now. https://youtu.be/__lvS2pjuSg What is covered? * How to combine OSINT, marketing technology, and a hacker/social enginee...
Jun 03, 2020•1 hr 30 min•Ep. 1
Join the BHIS Discord discussion server: https://discord.gg/aHHh3u5 We’re really excited to have a close member of our BHIS extended family, Tim Medin from Red Siege InfoSec, here for a webcast on Kerberos & Attacks 101. Tim is the creator of Kerberoasting. Want to understand how Kerberos works? Would you like to understand modern Kerberos attacks? If so, then join Tim Medin as he walks you through how to attack Kerberos with ticket attacks and Kerberoasting. We’ll cover the basics of Kerber...
May 26, 2020•1 hr 1 min•Ep. 1
I like webapps, don’t you? Webapps have got to be the best way to learn about security. Why? Because they’re self-contained and so very transparent. You don’t need a big ol’ lab before you can play with them. You can run them in a single tiny VM or even tiny-er Docker image on your laptop. And so long as you’re attacking your own stuff, it’s easy to stay out of trouble. You’re up and running in the time it takes for a single download. And the transparent part? Ever since “view source” in the ear...
May 06, 2020•46 min•Ep. 1
This is a joint webcast from Black Hills Information Security and Active Countermeasures. How many of us have tried some new configuration option, utility, or hardware on a production environment, only to crash a critical piece of the business? (me raising hand…) It’s amazing how quickly we learn not to do that! Now we have to decide – do we stop trying out new things because we’re scared of causing problems, or do we come up with a safe way to play and learn? We’re going to cover how to set up ...
Apr 27, 2020•1 hr 15 min•Ep. 1
What does it mean to work from home across your corporate VPN? What exactly is VPN? Is your home office prepared? How can you improve and better secure your home network? Is your corporate network ready for the change in IT environment network access? Join us to explore these topics, and describe some potential actions you can take to improve your home office and network environment. And join the BHIS Discord to discuss all of this — https://discord.gg/ST5NdFu Download slides: https://www.active...
Apr 01, 2020•58 min•Ep. 1
The team at Black Hills Information Security and Wild West Hackin’ Fest had to pivot from doing an in-person information security conference in San Diego to a 100% virtual conference with 6 days of notice. We had a little bit of experience doing a hybrid in-person/virtual conference in November 2019 (with 10 days’ notice). The response from the 400+ attendees about the virtual conference was overwhelmingly positive. We did it and you can do it, too. In this webcast, we discuss how it all happene...
Mar 25, 2020•1 hr 8 min•Ep. 1
In this webcast, we will cover what we can do if we think there is a breach on our network. We will cover live forensics, cool PowerShell scripts, network, and event log analysis, cool IR spreadsheets, and checklists. We will also be covering the status of our ELK project for reviewing Event ID 3 from Sysmon. So, a lot… Yep… A crazy amount. Download slides: https://www.activecountermeasures.com/presentations 00:00 – Intro 00:47 – “Ok, But Why” 02:17 – Have It The Wrong Way 04:35 – Have It The Ri...
Mar 11, 2020•1 hr 3 min•Ep. 1
Do you know what your attackers know? There’s a good chance you know, but you might not be aware of just how much information can be found historically and in real-time about your business operations and organization. Join Jordan Drysdale and Kent Ickler as they discuss and demonstrate Purple Team Enterprise Reconnaissance methods that increase operational network awareness and overall security posture. Download slides: https://activecountermeasures.com/presentations 00:00 – Intro 00:42 – Execut...
Feb 19, 2020•1 hr 2 min•Ep. 1
In this webcast, we have our friend Hal Pomeranz sharing his massive knowledge on Linux. If you’re new to Linux, or if you know it and just want to hear from Hal’s years of using and teaching all things Linux, then this is the webcast for you. Download slides: http://www.deer-run.com/~hal/CLDojo.pdf 0:00 – Intro to Hal 9000 4:05 – It’s A UNIX System 7:34 – Who’s Trying Naughty URLS? 27:07 – Care About the Environment 48:24 – Questions & Answers From Hal: The Linux command-line is an amazingl...
Feb 17, 2020•1 hr•Ep. 1
Backdoors & Breaches kind of took off. In case you don’t know, Backdoors & Breaches is an Incident Response Card Game to help people better understand the various attacks and defenses used in security today. We have sold out twice on Amazon, given out thousands of copies for free at conferences, and sent 2,000+ free decks to infosec educators (with a few thousand more decks to go). As a standalone game, with an Incident Master driving the narrative, it works really well. However, we have...
Feb 12, 2020•1 hr 3 min•Ep. 1
Ever wanted to get started in cyber deception? Ever wanted to do it for free? In this BHIS webcast, we will cover some basic, legal, and easy tools/techniques to get you started in working with low interaction honeypots to serve as an early warning of attacks. We will also be sharing a recipe for making wine out of pentester tears. Because attacker tears make the best wine. Download slides: https://www.activecountermeasures.com/presentations/ 1:00 – A Few Cool Things 6:00 – Beginnings of Cyber D...
Feb 10, 2020•59 min•Ep. 1
https://media.blubrry.com/bhis/content.blubrry.com/bhis/BHIS_Podcast_Passwords_Youaretheweakestlink.mp3 Why are companies still recommending an 8-character password minimum? Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend 8-character minimum passwords based on outdated data. Download Slides: https://www.activecountermeasures.com/presentations Originally recorded as a live webcast on Decem...
Jan 17, 2020•1 hr•Ep. 1
Want to learn how attackers bypass endpoint products? Download slides: https://www.activecountermeasures.com/presentations/ 3:41 – Alternate Interpreters 9:19 – Carbon Black Config Issue 15:07 – Cisco AMP EDR – Quick and Easy Bypass 18:24 – PowerShell AMSI Bypass – Rhino 19:07 – CylancePROTECT Bypass 24:14 – Windows Defender and Carbon Black Bypass 30:36 – Windows Subsystem for Linux 39:59 – PowerShell HTTP Web Cradle for Downloads Last year we came to the conclusion that we are going to keep go...
Jan 14, 2020•1 hr 1 min•Ep. 1
BHIS’ Defensery Driven Duo Delivers Another Delectable Transmission! We know you are worried about your networks. After hours of discussion, we’ve come to the realization that some of our dedicated followers seem to be much more interested in catching malware than learning how to be (please forgive this next statement) “l33t hax0rs.” Download slides: https://www.activecountermeasures.com/presentations/ 2:47 – Why Are We Doing This? 5:07 – AT7: The Logs You Are Looking For 7:41 – AD Best Practice...
Jan 07, 2020•58 min•Ep. 1
In this podcast (originally recored as a live webcast), we talk about the 2020 End of Life for Python2. We address what the short, and medium term impacts will likely be. Key language differences will be highlighted with techniques to modify your code to be forward compatible. As a SANS instructor teaching SEC573: Automating Information Security with Python, over the past three years, I have steadily moved my teaching materials, examples, demonstrations and personal coding to Python3. In this pr...
May 31, 2019•54 min•Ep. 1
Download slides: https://www.activecountermeasures.com/presentations In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed in Attack Tactics Part 5!!!
May 30, 2019•56 min•Ep. 1
Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester performs up front.
May 11, 2019•57 min•Ep. 1
Lately, it seems like recon is just not getting as much love as it should. Well, time to change that. In this podcast, we discuss some new tips and tricks... And!!!! We released a new tool -- FireProx Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester performs up front. Often times testers only resort to using publicly available tools which can overlook c...
May 10, 2019•57 min•Ep. 1
In this BHIS podcast, originally recorded as a live webcast, we cover some new techniques and tactics on how to track attackers via various honey tokens. We cover how to track with Word Web Bugs in ADHD, and cover the awesome toolkit from Thinkst.
Mar 18, 2019•55 min•Ep. 1
Do your PowerShell scripts keep getting caught? Tired of dealing with EDRs & Windows Defender every time you need to pop a box? In this one-hour podcast, originally recorded as a live webcast, we introduce a somewhat new Red Team approach that we call BYOI (Bring Your Own Interpreter). Turns out, by harnessing the powah of C# and the .NET framework you can embed entire interpreters inside of a C# binary. This allows you to dynamically access all of the .NET API from a scripting language of y...
Mar 06, 2019•54 min•Ep. 1
Do your PowerShell scripts keep getting caught? Tired of dealing with EDRs & Windows Defender every time you need to pop a box? In this one-hour podcast, originally recorded as a live webcast, we introduce a somewhat new Red Team approach that we call...
Mar 06, 2019•54 min•Ep. 1
We all know what threat hunting is in general terms; it's when we actively search our network for compromised systems. But what does that mean exactly and what process should we be following? Can I simply check network traffic to see if the evil bit is set, or is there a bit more to it than that? In this podcast, originally recorded as a live webcast, we walk you through the methodology of doing a network threat hunt. We talk about what steps to perform and in what order. We also look at some of...
Feb 28, 2019•51 min•Ep. 1
http://media.blubrry.com/bhis/content.blubrry.com/bhis/BHIS_Blockchain_and_You_Feb2019.mp3 Take a good look at Bitcoin right now… these are the unlucky ones. These are the unfortunate souls who jumped on another overinflated balloon. But, does this Bitcoin crash completely undermine all blockchain technologies? Since Bitcoin is crashing and burning we figured it would be a good time to have a webcast on blockchain security issues and why blockchain still matters. Is it all hype? Is it all just a...
Feb 27, 2019•57 min•Ep. 1
Yet again it is time for another edition of Sacred Cash Cow Tipping! Or, “Why do these endpoint security bypass techniques still work? Why?” The goal of this is to share just some of the ways Black Hills Information Security bypassed endpoint security ...
Jan 15, 2019•46 min•Ep. 1
For this podcast we cover a couple of different topics. First, we talk about how to password spray in a non-attributable sort of way. Beau found a way to obfuscate what RDP logs record with launching password spraying attacks.
Dec 28, 2018•54 min•Ep. 1
In this webcast we cover some of the core tools we use all the time at Black Hills Information Security. However, there’s a twist. We don’t talk about Nessus, Nmap, or Metasploit. Why? Because there are a ton of new (and older) tools we use that fall o...
Dec 17, 2018•51 min•Ep. 1
![Talkin' Bout [Infosec] News - podcast cover](https://assets.metacast.app/images/podcast/artwork/FMW0NX7U)
