❌

Normal view

Received β€” 11 January 2026 ⏭ Black Hills Information Security, Inc.

Having Fun with ActiveX Controls in Microsoft Word

By: BHIS
30 August 2018 at 17:44

Marcello Salvati// During Red Team and penetration tests, it’s always important and valuable to test assumptions. One major assumption I hear from Pentesters, Red teamers and clients alike is that […]

The post Having Fun with ActiveX Controls in Microsoft Word appeared first on Black Hills Information Security, Inc..

Running HashCat on Ubuntu 18.04 Server with 1080TI

Derrick Rauch and Kent Ickler // (Updated 3/22/2019) First, to see what our build looks like, look here:Β https://www.blackhillsinfosec.com/build-password-cracker-nvidia-gtx-1080ti-gtx-1070/ What’s next?Β Time for System Rebuild! First, you need to decide whether you […]

The post Running HashCat on Ubuntu 18.04 Server with 1080TI appeared first on Black Hills Information Security, Inc..

Finding: Weak Password Policy

David Fletcher// The weak password policy finding is typically an indicator of one of two conditions during a test: A password could be easily guessed using standard authentication mechanisms. A […]

The post Finding: Weak Password Policy appeared first on Black Hills Information Security, Inc..

How to Get Malicious Macros Past Email Filters

Carrie Roberts // Β  Β  Β  A malicious macro in a Microsoft Word or Excel document is an effective hacking technique. These documents could be delivered in a variety of […]

The post How to Get Malicious Macros Past Email Filters appeared first on Black Hills Information Security, Inc..

Power Posing with PowerOPS

By: BHIS
25 January 2017 at 17:13

Brian FehrmanΒ // As described in my last blog post,Β Powershell Without Powershell – How To Bypass Application Whitelisting, Environment Restrictions & AVΒ (sheeesh…it’s been a bit!), we are seeing more environments in […]

The post Power Posing with PowerOPS appeared first on Black Hills Information Security, Inc..

Wide-Spread Local Admin Testing

Brian Fehrman // In our experience, we see many Windows environments in which the local Administrator password is the same for many machines. We refer to this as Wide-Spread Local […]

The post Wide-Spread Local Admin Testing appeared first on Black Hills Information Security, Inc..

Check\ Your\ Tools

By: BHIS
26 February 2016 at 23:10

Brian King // There’s a one-liner password spray script that a lot of folks use to see if anyone on a domain is using a bad password like LetMeIn! or […]

The post Check\ Your\ Tools appeared first on Black Hills Information Security, Inc..

❌