Click on the timecodes to jump to that part of the video (on YouTube) Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_WeaponizingActiveDirectory.pdf 0:54 Background behind this webcast, what and […]

The post Webcast: Weaponizing Active Directory appeared first on Black Hills Information Security, Inc..

Timecode links take you to YouTube: 4:11 – Infrastructure & Background8:28 – Overview & Breakdown of Attack Methodology and Plans11:35 – Start of Attack (Gaining Access), Password Spraying Toolkit15:24 – […]

The post Webcast: Attack Tactics 5 – Zero to Hero Attack appeared first on Black Hills Information Security, Inc..

Darin Roberts// Early in 2018 I wrote a blog about InSpy. InSpy is a great reconnaissance tool that gathers usernames from LinkedIn. My first blog can be found here. A […]

The post I Spy with InSpy v3.0 appeared first on Black Hills Information Security, Inc..

Derek Banks, Beau Bullock, & Brian Fehrman // Our clients often ask how they could have detected and prevented the post-exploitation activities we used in their environment to gain elevated […]

The post The CredDefense Toolkit appeared first on Black Hills Information Security, Inc..

Chevy Swanson // Everyone loves being able to speed up their work with custom tools, but the clear problem is that computers are a bit too fussy about everything being perfect […]

The post Domain User Enumeration appeared first on Black Hills Information Security, Inc..

Carrie Roberts //  Update 10/03/16: Want to download the address book automatically with PowerShell? Check out Beau Bullocks latest additions to MailSniper As part of a penetration test, you’ve gained access […]

The post Downloading an Address Book from an Outlook Web App (OWA) Portal appeared first on Black Hills Information Security, Inc..

Carrie Roberts // Answer: Enough to make it worth it! Penetration testers love to perform password spraying attacks against publicly available email portals as described here in this great post by Beau Bullock. […]

The post Question:  What Can I Learn from Password Spraying a 2FA Microsoft Web App Portal? appeared first on Black Hills Information Security, Inc..

Brian Fehrman // In our experience, we see many Windows environments in which the local Administrator password is the same for many machines. We refer to this as Wide-Spread Local […]

The post Wide-Spread Local Admin Testing appeared first on Black Hills Information Security, Inc..

Beau Bullock // This is part two of a series of posts (See part 1 here) where I am detailing multiple ways to gain access to domain user credentials without ever being […]

The post Password Spraying Outlook Web Access – How to Gain Access to Domain Credentials Without Being on a Target’s Network: Part 2 appeared first on Black Hills Information Security, Inc..

Joff Thyer //   Many of us in the penetration testing community ar​e used to scenarios whereby we land a targeted phishing campaign within a Windows enterprise environment and have […]

The post Password Spraying & Other Fun with RPCCLIENT appeared first on Black Hills Information Security, Inc..