#BHIS hashtag - Bluesky

@cyberresearch.bsky.social

1 day ago

Behind Enemy Lines: Collaborating with Blackhats | Joshua Smith Behind Enemy Lines: Collaborating with Blackhats Presenter: Joshua Smith 00:00 – Intro: The Reality of Online Child Exploitation 03:12 – Why Traditional Investigations Fall Short 06:28 – Enter the Blackhats: An Unconventional Approach 09:47 – How These Collaborations Actually Work 13:05 – Accessing Hidden Communities & Criminal Ecosystems 16:22 – Ethical Dilemmas & Moral Boundaries 19:41 – Real-World Case Study: Distribution Ring Investigation 23:58 – Outcomes: Evidence, Identification & Arrests 27:10 – Risks, Tradeoffs & Hard Decisions 30:05 – Final Thoughts: Awareness vs Endorsement How can unconventional partnerships help protect children online? Online predators continue to evolve, often operating in spaces where traditional investigative methods struggle to keep up. In some cases, protecting children requires approaches that challenge conventional boundaries. What is this talk about? In this session, I explore the unconventional and often controversial process of working with blackhat hackers to support investigations into online child exploitation. These collaborations leverage deep technical expertise in cybercrime to uncover hidden threats, identify predatory behavior, and collect critical evidence. Why work with individuals involved in cybercrime? Some of the most effective insights into criminal ecosystems come from those who understand them intimately. By collaborating with individuals who possess firsthand knowledge of underground platforms, tooling, and tactics, investigators can gain visibility into spaces that are otherwise difficult to access. What ethical challenges does this approach raise? These partnerships are not without serious ethical concerns. The session addresses the fine line between ethical responsibility and effective intervention, examining how investigators balance moral boundaries while pursuing the protection of vulnerable victims. What real world case is discussed? The talk outlines a recent case involving a distribution ring, demonstrating how these unconventional collaborations played a pivotal role in launching investigations, gathering evidence, and ultimately capturing predators. Why do traditional methods sometimes fall short? Predators often exploit anonymity, encrypted platforms, and closed communities. This session explains why standard investigative techniques may struggle in these environments and how alternative approaches can provide critical breakthroughs. Who is this talk for? Attendees will gain insight into how complex, ethically challenging collaborations can be leveraged to safeguard children online. This talk is intended for security professionals, investigators, and defenders seeking to understand the realities of modern cyber-enabled crime and the difficult decisions involved in combating it. What is the goal of this session? The purpose is awareness, not endorsement of unethical behavior. This talk highlights the realities of modern investigations and the difficult choices sometimes required to protect children from harm. #cybersecurity #childsafety #onlinepredators #infosec #cybercrime #digitalinvestigations #defensivesecurity #ethicalhacking #threatintel #lawenforcement Sign Up for the next WWHF Want more hands-on cybersecurity training? Register for this year’s Wild West Hackin Fest and get access to workshops, live labs, and sessions taught by industry practitioners. Secure your spot and level up your defensive and offensive skills at one of the most respected community focused security conferences. https://wildwesthackinfest.com/register/ Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter

Originally from From WWHF: Behind Enemy Lines: Collaborating with Blackhats | Joshua Smith ( :-{ı▓ #WWHF #BHIS #cyberresearch

0 0 0 0

@cyberresearch.bsky.social

5 days ago

# ClickForClickOnce - Generate Configurable Clickonce Payloads | Debjeet Banerjee # ClickForClickOnce - Generate Configurable Clickonce Payloads Presenter: Debjeet Banerjee ClickOnce is a Microsoft deployment technology designed for easy software distribution, but it also provides a powerful initial access vector for Red Teams. This talk introduces ClickForClickOnce, a web-based interface that lets testers generate customized ClickOnce payloads tailored to their engagements. It is a flexible tool for red team operators, adversary simulation, and anyone working with Windows based initial access techniques. With ClickForClickOnce, testers can run shellcode, drop files to disk, execute OS commands, and chain actions in a controlled sequence. This makes it possible to deliver payloads, establish command and control, and achieve persistence through a familiar ClickOnce workflow. The session walks through how the project works, how to host it safely, and what indicators and operational security concerns teams should be aware of. If you work in offensive security, red teaming, adversary emulation, or Windows exploitation, this walkthrough provides practical guidance for using ClickForClickOnce and understanding how ClickOnce can be leveraged in modern engagements. Chapters 00:00 – Intro: ClickOnce as an Initial Access Vector 03:48 – What is ClickForClickOnce & Why It Matters 07:51 – Generating Custom ClickOnce Payloads 11:46 – Payload Capabilities: Shellcode, Commands & File Drops 15:17 – Hosting, Delivery & Operational Workflow 19:14 – OPSEC Considerations & Detection Risks Sign Up for the next WWHF Want more hands-on offensive security and red team focused training? Register for this year’s Wild West Hackin Fest to access labs, workshops, and technical sessions taught by experienced practitioners. Secure your spot and level up your skills with real world training built for both attackers and defenders. https://wildwesthackinfest.com/register/ #RedTeam #OffensiveSecurity #AdversarySimulation #ClickOnce #WindowsSecurity #InitialAccess #CyberSecurity #PenTesting #InfoSec #WWHF #ExploitDev ///Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe ///Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections ///Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ ///Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ ///Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training ///Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

Originally from From WWHF: # ClickForClickOnce - Generate Configurable Clickonce Payloads | Debjeet Banerjee ( :-{ı▓ #WWHF #BHIS #cyberresearch

0 0 0 0

@cyberresearch.bsky.social

1 week ago

Grimoire: Because Your Cloud Logs Shouldn't Be More Mysterious Than Actual Magic | Andrew Krug Grimoire: Because Your Cloud Logs Shouldn't Be More Mysterious Than Actual Magic Presenter: Andrew Krug Join us for a hands-on Network Threat Hunting session focused on proactive cybersecurity and real-world detection skills. In this training, we break down the core concepts of threat hunting, key methodologies, and how to identify suspicious network activity before it becomes an incident. You will dive into practical use cases, learn how to recognize malicious traffic, and work with open-source tools like Zeek, Suricata, and an enterprise SIEM to uncover hidden threats. If you want to strengthen your cybersecurity skills, improve network defense, or gain real experience with threat hunting tools, this session is built for you. Chapters: 00:00 – Intro: Grimoire & The Problem with Cloud Logs 03:07 – Why Detection Engineering Is Hard (Pyramid of Pain) 06:11 – Real-World Detection Challenges in Cloud Environments 09:11 – The Importance of Centralizing Logs 12:13 – Why Existing Logging Approaches Fall Short 15:15 – Treating Detections Like Code (CI/CD for Security) 18:16 – Testing Detections: From Cold Start to Execution 21:19 – Working with Structured Logs & JSON Data 24:22 – AWS Policies, Permissions & Detection Requirements Enroll now for Andrew Krug’s upcoming training: Securing the Cloud: Foundations 📅 April 1, 2026 @ 10:00 AM EDT 🔗 https://www.antisyphontraining.com/product/securing-the-cloud-foundations-with-andrew-krug/ Who is this course for? Blue teamers, system administrators, network admins, DevSecOps professionals, first responders—or anyone looking to build a strong foundation in AWS cloud security. Whether you’re pivoting into the cloud or expanding your expertise across cloud security domains, this course is designed to get you there. Sign Up for the next WWHF Want more hands-on cybersecurity training? Register for this year’s Wild West Hackin Fest and get access to workshops, live labs, and sessions taught by industry practitioners. Secure your spot and level up your defensive and offensive skills at one of the most respected community focused security conferences. https://wildwesthackinfest.com/register/ #CyberSecurity #ThreatHunting #NetworkSecurity #Zeek #Suricata #SIEM #BlueTeam #DetectionEngineering #CyberDefense #WWHF #Hackers #InfoSec ///Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe ///Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections ///Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ ///Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ ///Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training ///Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

Originally from From WWHF: Grimoire: Because Your Cloud Logs Shouldn't Be More Mysterious Than Actual Magic | Andrew Krug ( :-{ı▓ #WWHF #BHIS #cyberresearch

0 0 0 0

@cyberresearch.bsky.social

1 week ago

Mile High 2026 | Sponsor Interview Compilation We had some great conversations with our sponsors at Wild West Hackin’ Fest | Mile High 2026. Here are a few of our favorite moments from those interviews. A big thank you to Beacon Security, CLA, Flare, Fortra, Fox Pick, ISSA Denver, LimaCharlie, and Red Siege for taking the time to sit down with us and share their insights. Want to be part of Wild West Hackin’ Fest? Become a sponsor: https://wildwesthackinfest.com/become-a-sponsor/ ///Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe ///Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections ///Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ ///Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ ///Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training ///Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

Originally from From WWHF: Mile High 2026 | Sponsor Interview Compilation ( :-{ı▓ #WWHF #BHIS #cyberresearch

0 0 0 0

@cyberresearch.bsky.social

2 weeks ago

Archaeologist of the Dark Web - Because Manual Dark Web OSINT is So Last Season | Apurv Singh Gautam Archaeologist of the Dark Web - Because Manual Dark Web OSINT is So Last Season Presenter: Apurv Singh Gautam Dark Web OSINT and cyber threat intelligence investigations can get overwhelming fast. Investigators deal with endless onion links, unreliable marketplaces, scattered search engines, and constant time pressure. This talk introduces Robin, an AI powered Dark Web OSINT tool built to streamline and speed up your entire investigative workflow. Robin automatically searches multiple Dark Web search engines, scrapes relevant onion sites, validates results, and uses AI to produce clear, actionable summaries. No more juggling multiple tools or wasting hours checking dead links. In this session, we break down the biggest challenges in Dark Web OSINT, how Robin’s architecture works, and how its scraping and summarization pipeline fits into real world CTI and investigation workflows. If you work in OSINT, CTI, cyber investigations, threat intelligence, or Dark Web research, this talk gives you a practical tool you can start using immediately and a clearer understanding of how AI can simplify the investigative process. 00:00 Introduction – Robin: AI-Powered Dark Web Investigation Tool 01:53 Agenda – Dark Web OSINT, Existing Tools & Demo 02:37 Why Dark Web Investigation Matters for Threat Intel 04:01 Existing Dark Web OSINT Tools & Their Limitations 05:25 Why Build Robin? Combining Tools with AI 06:14 Introducing Robin – AI-Powered Dark Web OSINT Tool 07:00 Robin Architecture Overview 13:10 Prompt Engineering for Threat Intelligence Analysis 16:21 Investigation Summary Output Structure 18:23 Live Demo – Running Robin via Docker & Web UI 21:36 Search Results and Investigation Output 24:50 Using the Output for Threat Intelligence Reports 26:20 Future Features and Improvements 27:55 Project Credits & Inspiration 29:00 Audience Q&A Sign Up for WWHF Register for this year’s Wild West Hackin Fest here: https://wildwesthackinfest.com/wild-west-hackin-fest-mile-high-2026/ Get access to workshops, labs, and sessions taught by experienced practitioners, all focused on real world defensive and investigative skills. #OSINT #DarkWeb #ThreatIntelligence #CTI #CyberSecurity #OnionSites #AItools #InvestigationTools #InfoSec #WWHF #CyberThreats ///Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe ///Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections ///Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ ///Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ ///Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training ///Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

Originally from From WWHF: Archaeologist of the Dark Web - Because Manual Dark Web OSINT is So Last Season | Apurv Singh Gautam ( :-{ı▓ #WWHF #BHIS #cyberresearch

0 0 0 0

@cyberresearch.bsky.social

2 weeks ago

Build your Sh*tty Add-On With KiCad For Your Electronic Badges! | Adrien Lasalle Build your Sh*tty Add-On With KiCad For Your Electronic Badges! Speaker: Adrien Lasalle, NetRunSecurity Learn how to use KiCad, the free and open-source PCB design software, to create Shitty Add-Ons (SAOs) — fun, custom PCBs that enhance cybersecurity conference badges and hardware hacking projects. This session is perfect for anyone interested in DIY electronics, badge hacking, and PCB design for beginners. Step by step, you’ll go from an idea to a fully orderable PCB you can solder, light up, and show off. What You’ll Learn in This KiCad Tutorial 🎓 • Designing Schematics in KiCad – start building your custom circuits • PCB Layout Techniques – create neat, functional PCBs for SAOs ️ • SAO Design Rules – understand constraints for badge mods • Exporting Gerber Files – prepare files for PCB manufacturing • Ordering Your PCB – get it delivered to your door, ready to solder Who This Session is For • Beginners learning KiCad and PCB design • Hardware hackers and makers creating custom badge add-ons • Electronics enthusiasts exploring DIY electronics, open-source hardware, and PCB prototyping By the end, you’ll know how to design SAOs that light up, stand out, or just make people laugh — perfect for hardware villages, hacker meetups, and cybersecurity cons. 00:00 Introduction – Building SAOs with KiCad 00:50 Talk Overview & Agenda 01:11 What is KiCad? Open-Source PCB Design 03:07 What is a Shitty Add-On (SAO)? 06:49 Planning Your SAO Design 07:10 Starting a KiCad Project 08:04 Creating the Schematic in KiCad 09:32 Assigning Component Footprints 10:25 Importing the Schematic into the PCB Editor 10:10 SAO Connector Considerations 11:49 Routing Connections on the PCB 13:19 Exporting Gerber Files for Fabrication 15:41 Hardware Orientation & Assembly Considerations 19:03 Audience Q&A and Final Discussion Register for Wild West Hackin’ Fest Denver 2026 🏔️ Join us at one of the most hands-on cybersecurity conferences for makers, hackers, and electronics enthusiasts! 👉 Registration: [Wild West Hackin' Fest @ Mile High 2026 - Wild West Hackin' Fest] #KiCad #PCBDesign #SAO #ShittyAddon #BadgeLife #BadgeHacking #HardwareHacking #CybersecurityConference #DIYElectronics #MakerCommunity #OpenSourceHardware #PCBLayout #GerberFiles #ElectronicsDIY #WildWestHackinFest #WWFHF2026 ///Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe ///Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections ///Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ ///Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ ///Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training ///Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

Originally from From WWHF: Build your Sh*tty Add-On With KiCad For Your Electronic Badges! | Adrien Lasalle ( :-{ı▓ #WWHF #BHIS #cyberresearch

0 0 0 0

CyberTaters

@potato.software

3 weeks ago

Originally from From WWHF: GDIOCSpider - Extracting and Identifying IOCs from the GDriveverse | Noah Dunn ( :-{ı▓ #WWHF #BHIS #potatoresearch

1 0 0 0

@cyberresearch.bsky.social

3 weeks ago

GDIOCSpider - Extracting and Identifying IOCs from the GDriveverse | Noah Dunn GDIOCSpider - Extracting and Identifying IOCs from the GDriveverse Presenter: Noah Dunn Google Drive has become one of the most widely abused cloud platforms for threat actors, who use it to store, launch, and log malware as part of larger command and control operations. At the same time, it remains a popular space for security researchers to store case data, write ups, and collections of indicators of compromise. While analysts have decades of tooling for analyzing hard drives and network resources, similar tools for examining Google Drive datasets have been limited and underdeveloped. The GDIOCSpider project changes that. This open-source Python tool can crawl an entire Google Drive, analyze file contents, and extract IOC types defined by the user. It automatically summarizes all discovered artifacts across all files, eliminating the need to manually sift through cloud storage. Whether you are investigating a compromised Google account or aggregating IOCs from security research archives, GDIOCSpider enables fast, environment agnostic IOC analysis and supports both defensive and investigative workflows. 00:00 Introduction 00:59 What GDIOCSpider Is 01:10 What Are IOCs? (Indicators of Compromise Explained) 02:02 How GDIOCSpider Works – High Level Workflow 03:10 Why Google Drive Is a Valuable Threat Intelligence Source 05:05 Challenges Investigating Google Drive Data 07:25 Live Demo Begins 10:32 Extracting IOCs from Google Drive Files 13:34 Generating Reports and Aggregating Artifacts 16:28 Investigation & Research Use Cases 21:00 Final Thoughts and Wrap-Up Sign Up for WWHF Register for this year’s Wild West Hackin Fest here: https://wildwesthackinfest.com/wild-west-hackin-fest-mile-high-2026/ Get access to workshops, labs, and sessions taught by experienced practitioners, all focused on real world defensive and investigative skills. #CyberSecurity #ThreatIntelligence #GoogleDrive #IOC #MalwareAnalysis #CloudSecurity #DigitalForensics #IncidentResponse #BlueTeam #InfoSec #WWHF ///Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe ///Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections ///Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ ///Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ ///Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training ///Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

Originally from From WWHF: GDIOCSpider - Extracting and Identifying IOCs from the GDriveverse | Noah Dunn ( :-{ı▓ #WWHF #BHIS #cyberresearch

0 0 0 0

@cyberresearch.bsky.social

3 weeks ago

Hunting for Stupid | Mary Ellen Kennel Hunting for Stupid Presenter: Mary Ellen Kennel Hunting for Stupid – What Does That Mean? • All of us can do stupid things, so this is by no means meant to be a slur! Stupid is defined here as, including but not limited to, misconfigs, unpatched vulns, exposed assets, etc. • In Feb. 2024, Corey Ham led a Webcast around N-Days, that for me, was groundbreaking. II. Sources for Hunting • I believe it’s critical to find fresh and cutting-edge reports to hunt on daily, and I have a plethora of sources I will share later. • Become BFF’s with your Vuln. Mgt. Team, find out their top concerns. • Pyramid of Pain. • Wade Wells authored an ADS ChatBot. III. Metrics • How do we document what we DON'T find? It's great to emerge with a shiny object, but when we don't, how can we turn that into colorful metrics for C-levels? IV. Effective Note-Taking Made Better Together • Working title for a different talk I wanted to pitch to BHIS. In Oct. 2024, Antisyphon posted on LI: “Take good notes, your future self will thank you!” • In Feb. 2025, I had an entire day free of family obligations, so I performed fresh installs of Obisidian and Notion. Spoiler alert...in the end, I reverted back to Word and Google Docs! • Tyler Ramsbey authored an AI ChatBot trained for better note-taking. V. Threat Hunting Methodologies • Hypothesis-Driven • TTP-Driven • Baseline/Anomaly-Based • Threat Actor Campaign-Based VI. Threat Hunting Frameworks for High Fidelity/Low Noise ADS • ADS • PEAK • Sqrrl • TaHiTI Sign Up for WWHF Register for this year’s Wild West Hackin Fest here: https://wildwesthackinfest.com/register/ Get access to workshops, labs, and sessions taught by experienced practitioners, all focused on real world defensive and investigative skills. ///Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe ///Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections ///Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ ///Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ ///Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training ///Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

Originally from From WWHF: Hunting for Stupid | Mary Ellen Kennel ( :-{ı▓ #WWHF #BHIS #cyberresearch

0 0 0 0

@cyberresearch.bsky.social

4 weeks ago

N-Grams, Quantum, and Malware – A Recipe for Chaos? | Dr. Jenn Ferreras N-Grams, Quantum, and Malware – A Recipe for Chaos? Presenter: Dr. Jenn Ferreras How are malware analysts using pattern analysis today? Malware analysts have long relied on n-grams to identify patterns in malicious code. By breaking binaries or scripts into smaller sequences, analysts can spot similarities, track malware families, and detect evasive techniques used by attackers. What happens when quantum computing enters the picture? This session asks a big question. What if we combine classical n-gram analysis with quantum computing techniques? Does it unlock dramatically better malware detection, or does it introduce more complexity than clarity? What is this talk about? This fast paced, no fluff talk takes a chaotic but fun dive into the intersection of quantum algorithms and traditional malware analysis. The goal is not hype, but exploration of what might actually be possible as quantum research continues to evolve. Could quantum improve polymorphic malware detection? Polymorphic malware constantly changes its structure to evade detection. This session explores whether quantum approaches could help identify malicious patterns earlier, even before the malware fully morphs. What challenges are discussed? Alongside the potential benefits, the talk also examines practical limitations, false assumptions, and where quantum approaches may introduce more noise than signal in real world detection workflows. Who should watch this talk? This session is designed for malware analysts, security researchers, data scientists, and anyone curious about the future of detection techniques at the intersection of classical and emerging technologies. What should attendees expect? Expect a lively discussion that blends theory, skepticism, and curiosity. The goal is to separate meaningful ideas from science fiction while having a little fun along the way. Sign Up for WWHF Register for this year’s Wild West Hackin Fest here: https://wildwesthackinfest.com/register/ Get access to workshops, labs, and sessions taught by experienced practitioners, all focused on real world defensive and investigative skills. #cybersecurity #malwareanalysis #quantumcomputing #infosec #securityresearch #threatdetection #reverseengineering #emergingtech #cyberawareness ///Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe ///Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections ///Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ ///Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ ///Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training ///Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

Originally from From WWHF: N-Grams, Quantum, and Malware – A Recipe for Chaos? | Dr. Jenn Ferreras ( :-{ı▓ #WWHF #BHIS #cyberresearch

0 0 0 0

@cyberresearch.bsky.social

1 month ago

Ghost Jobs and Ghost Companies: Pulling Back the Curtain Using OSINT | Patrick Wheltle Ghost Jobs and Ghost Companies: Pulling Back the Curtain Using OSINT Patrick Wheltle How can job seekers research companies before applying? In today’s job market, it is easier than ever to share professional information with companies that may not be legitimate. This talk focuses on how job seekers can use basic research techniques to avoid wasting time or exposing sensitive details to organizations with no real intent to hire. What is this presentation about? This session explores a series of methods that can be used to research companies claiming to be hiring qualified applicants. The goal is to help professionals verify legitimacy before submitting resumes, portfolios, or personal data. What role does OSINT play in job research? Using open-source intelligence techniques, the talk demonstrates how publicly available information can reveal red flags about a company’s operations, leadership, and credibility. Attendees will learn where to look and what questions to ask when evaluating a potential employer. What case study is covered? The presentation includes a real world case study of a company advertising roles with unusually high compensation. On the surface, the opportunity looked promising. However, basic OSINT research revealed deeper concerns. What was uncovered during the investigation? The company appeared to have no customers, no public reputation, and no verifiable business activity. Further research uncovered layers of shell companies and raised questions about whether the listed officers were even real individuals. Why does this matter for job seekers? Job scams and deceptive hiring practices can lead to identity theft, financial loss, or wasted effort. This session shows how a small amount of investigation can protect professionals from falling into these traps. Who should watch this talk? This campfire talk is ideal for job seekers, security professionals, recruiters, and anyone interested in OSINT or online investigation techniques. What is the takeaway? Sometimes the truth is hidden in plain sight. Knowing where to look can make all the difference. Sign Up for WWHF Register for this year’s Wild West Hackin Fest here: https://wildwesthackinfest.com/register/ Get access to workshops, labs, and sessions taught by experienced practitioners, all focused on real world defensive and investigative skills. #cybersecurity #osint #jobsearch #careeradvice #infosec #onlinesafety #employmentscams #digitalinvestigations #cyberawareness ///Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe ///Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections ///Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ ///Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ ///Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training ///Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

Originally from From WWHF: Ghost Jobs and Ghost Companies: Pulling Back the Curtain Using OSINT | Patrick Wheltle ( :-{ı▓ #WWHF #BHIS #cyberresearch

0 0 0 0

@cyberresearch.bsky.social

1 month ago

Ethics on the Line Balancing Social Engineering Success with Target Protection | Jennifer Isacoff Ethics on the Line Balancing Social Engineering Success with Target Protection Presenter: Jennifer Isacoff Why do social engineering assessments raise ethical concerns? Social engineering engagements like phishing and vishing are powerful tools for exposing weaknesses in an organization’s defenses. They work by exploiting human trust. But what happens to the people who fall for them after the test is over? What is this talk about? This 15 minute campfire talk explores the ethical challenges of selling and conducting social engineering assessments without causing unintended harm to employees. Even when reports anonymize identities, basic security logs can often reveal who failed, sometimes leading to blame or punishment long after the engagement ends. Why is this a problem for practitioners? This creates a difficult question for social engineering professionals. How do you clearly demonstrate risk to a client while protecting the individuals being tested? The tension between accountability and education can undermine trust in both the assessment and the security team. What ethical questions are discussed? The session sparks an open discussion around whether mandatory post engagement training is the only ethical path forward, or if engagements can be designed to preserve anonymity while still delivering meaningful value to clients. What real world experiences inform this talk? Drawing from real world social engineering engagements, the discussion explores situations where proving impact, such as initial access or credential capture, conflicted with safeguarding individuals from negative consequences. What solutions are on the table? Expect a lively debate around practical approaches including creative contract language, log obfuscation strategies, client education, and engagement design choices that prioritize learning over punishment. Who should attend? This talk is for social engineering professionals, red teamers, defenders, and newcomers interested in the human side of security testing. What is the goal of this session? This is not just about ethics. It is about sustaining trust in the craft of social engineering while responsibly addressing the human factor that makes these attacks so effective. Bring your stories, ideas, and opinions and let’s hash it out around the campfire. Sign Up for WWHF Register for this year’s Wild West Hackin Fest here: https://wildwesthackinfest.com/register/ Get access to workshops, labs, and sessions taught by experienced practitioners, all focused on real world defensive and investigative skills. #cybersecurity #socialengineering #phishing #vishing #infosec #redteam #securityethics #humanfactor #defensivesecurity #cyberawareness ///Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe ///Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections ///Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ ///Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ ///Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training ///Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

Originally from From WWHF: Ethics on the Line Balancing Social Engineering Success with Target Protection | Jennifer Isacoff ( :-{ı▓ #WWHF #BHIS #cyberresearch

0 0 0 0

@cyberresearch.bsky.social

1 month ago

Unintentional Hackers: Students as the Weakest (and Wildest) Link | Jacob Thompson Unintentional Hackers: Students as the Weakest (and Wildest) Link Presenter: Jacob Thompson What is this talk about? Unintentional Hackers: Students as the Weakest (and Wildest) Link explores how curiosity, mischief, and sometimes deliberate exploitation by students introduce real security risks in K–12 and higher education environments. How do students accidentally or intentionally break systems? This session examines real world incidents where students bypass content filters, access sensitive data, abuse administrative tools, or disrupt school systems. In some cases, the behavior is accidental. In others, it is executed with surprising technical precision. Why are schools especially vulnerable? School infrastructure often lags behind modern security standards due to limited budgets, legacy systems, and usability constraints. Traditional cybersecurity training also fails to resonate with student users, leaving gaps that are easily exploited. Why does the insider threat model fall short in education? Most insider threat models focus on employees or contractors. This talk challenges that assumption and explains why students represent a uniquely unpredictable risk profile that requires a different defensive mindset. What mitigation strategies actually work? Attendees will gain insight into risk mitigation strategies designed specifically for educational environments. Topics include behavioral monitoring, digital citizenship programs, policy design, and technical controls that balance security with accessibility. Who should watch this talk? Whether you are an educator, school administrator, IT professional, or security leader, this session will change how you think about insider threats in education. What is the key takeaway? The most dangerous insider threat in a school may not be malicious. It might be curious, bored, or sitting in the front row with a Chromebook. Sign Up for WWHF Register for this year’s Wild West Hackin Fest here: https://wildwesthackinfest.com/register/ Get access to workshops, labs, and sessions taught by experienced practitioners, all focused on real world defensive and investigative skills. #cybersecurity #educationsecurity #insiderthreat #infosec #k12 #highereducation #edtech #digitalcitizenship #blueteam #cyberawareness ///Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe ///Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections ///Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ ///Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ ///Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training ///Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

Originally from From WWHF: Unintentional Hackers: Students as the Weakest (and Wildest) Link | Jacob Thompson ( :-{ı▓ #WWHF #BHIS #cyberresearch

0 0 0 0

@cyberresearch.bsky.social

1 month ago

LinkedIn Landmines The Hidden Risks of Accepting Every Connection | Alexis Julian LinkedIn Landmines The Hidden Risks of Accepting Every Connection Presenter: Alexis Julian Why can LinkedIn connections be a security risk? In today’s digital first professional world, LinkedIn has become a critical platform for networking, hiring, and career growth. But with convenience comes risk, especially when users accept connection requests without scrutiny. What is this talk about? This session, LinkedIn Landmines: The Hidden Risks of Accepting Every Connection, explores the often overlooked dangers of careless networking on LinkedIn. It breaks down how attackers exploit professional trust to gain access to sensitive information and systems. How do malicious actors abuse LinkedIn? Attackers leverage fake profiles, impersonated recruiters, and social engineering tactics to build credibility. Once trust is established, they can move into phishing, identity theft, malware delivery, corporate espionage, and long term reconnaissance. What real world examples are covered? Using real world scenarios, including a fake recruiter scam, this talk demonstrates how seemingly harmless connections can lead to compromised personal data, damaged reputations, and even corporate security incidents. What types of threats are discussed? The session covers a wide range of risks tied to loose connection policies, including fake job offers, malicious links or attachments, privacy breaches, data harvesting, and social engineering attacks that target both individuals and organizations. Why does this matter beyond individual users? LinkedIn profiles often expose job roles, technologies, internal relationships, and company structure. This information can be weaponized to support larger attacks against businesses and institutions. What can professionals do to protect themselves? The talk concludes with practical, actionable best practices to help users evaluate connection requests, reduce exposure, and protect both personal and organizational security. Who should watch this talk? Whether you are an executive, job seeker, recruiter, or everyday LinkedIn user, this session will change how you think about digital networking and make you pause before clicking “Accept.” Sign Up for WWHF Register for this year’s Wild West Hackin Fest here: https://wildwesthackinfest.com/register/ Get access to workshops, labs, and sessions taught by experienced practitioners, all focused on real world defensive and investigative skills. #cybersecurity #linkedinsecurity #socialengineering #phishing #infosec #careeradvice #onlinesafety #digitalidentity #defensivesecurity #cyberawareness ///Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe ///Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections ///Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ ///Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ ///Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training ///Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

Originally from From WWHF: LinkedIn Landmines The Hidden Risks of Accepting Every Connection | Alexis Julian ( :-{ı▓ #WWHF #BHIS #cyberresearch

0 0 0 0

@cyberresearch.bsky.social

2 months ago

Masscan | Intro To Network Pentesting - Ashley Knowles #cybersecurity #pentesting #bhis Ready to dive into the fundamentals of network penetration testing? 🔍 Join BHIS Security Consultant Ashley Knowles for a free, one-hour webcast introducing the core concepts every aspiring pentester needs to know. You’ll learn: ✅ Proper engagement scoping ✅ OSINT techniques ✅ Industry frameworks like NIST CSF & PTES ✅ How to conduct a penetration test ✅ When to exploit vs. document findings ✅ Avoiding time-wasting rabbit holes Plus: ✔ Reporting best practices ✔ Recommended lab environments for hands-on experience ✔ Resources to stay ahead of emerging attack vectors #CyberSecurity #PenTesting #OSINT #NIST #PTES /// 🔗 Register for webcasts, summits, and workshops - https://poweredbybhis.com ///Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe ///Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections ///Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ ///Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ ///Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Antisyphon Discord: https://discord.gg/antisyphon Antisyphon Mastodon: https://infosec.exchange/@Antisy_Training ///Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Active Countermeasures YouTube: https://youtube.com/activecountermeasures Threat Hunter Community Discord: https://discord.gg/threathunter Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

Originally from BHIS: Masscan | Intro To Network Pentesting - Ashley Knowles #cybersecurity #pentesting #bhis ( :-{ı▓ #BlackHillsInfoSec #cybersecurity #cyberresearch

0 0 0 0

National Built Heritage Service

@nbhsireland.bsky.social

6 months ago

🎉The countdown is on for #ploughing2025 ! Find us in 📍Building Together, Block 3, Row 14, Stand 275, for advice on applying for financial assistance for the #conservation and repair of your protected structure #BHIS See you there!👋😁
#GovPloughing2025 #ploughing2025

0 0 0 0

BSides312

@bsides312.org

1 year ago

Big shoutout to Black Hills Information Security for being a Silver Sponsor of #BSides312! 🎉👏 Your support helps make this event amazing!

Tag them and show some love! 💙 #ThankYou #BHIS

7 3 0 3

@cyberresearch.bsky.social

1 year ago

GitHub - blackhillsinfosec/Wifi-Forge: WifiForge is a tool developed by Black Hills InfoSec to help train Pentesters on different Wi-Fi attack vectors and Wireless capabilities. WifiForge is a tool developed by Black Hills InfoSec to help train Pentesters on different Wi-Fi attack vectors and Wireless capabilities. - blackhillsinfosec/Wifi-Forge

Meet the challenge!! Lets get this to 500 stars!!
https://github.com/b

#wififorge #bhis #gomakeafriend

0 0 0 0

Shecky (((Mike))) - Third Wheel

@siliconshecky.siliconshecky.com

1 year ago

The Top Ten List of Why You Got Hacked This Year (2023/2024) - Black Hills Information Security by Jordan Drysdale and Kent Ickler tl;dr: BHIS does a lot of penetration testing in both traditional and continuous penetration testing (CPT) formats. This top ten style list was derived […]

From the home office in Deadwood, SD it's the Top Ten Reasons you might have gotten hacked. (Use this list as a basic hygiene list to check on in your environment) Thanks to #BHIS for the list

1 0 0 0