PODCAST

Author Archives - Black Hills Information Security, Inc.

news tech news

All Episodes

GoSpoof – Turning Attacks into Intel

Author Archives - Black Hills Information Security, Inc. ·

2025/10/29

Imagine this: You’re an attacker ready to get their hands on valuable data that you can sell to afford going on a sweet vacation. You do your research, your recon, everything, ensuring that there’s no way this can go wrong. The day of the attack, you brew some coffee, crack your knuckles, and get started. A few hours into the service scan, you come to realize that all the network ports are open, but in use.The post GoSpoof – Turning Attacks into Intel appeared first on Black Hills Information

en-US

Bypassing WAFs Using Oversized Requests

Author Archives - Black Hills Information Security, Inc. ·

2025/10/15

Many web application firewalls (WAFs) can be bypassed by simply sending large amounts of extra data in the request body along with your payload. Most WAFs will only process requests up to a certain size limit. How the WAF is configured to handle these large requests determines exploitability, but some common WAFs will allow it by default.The post Bypassing WAFs Using Oversized Requests appeared first on Black Hills Information Security, Inc..

en-US

Vulnerability Scanning with Nmap

Author Archives - Black Hills Information Security, Inc. ·

2025/07/16

Nmap, also known as Network Mapper, is a commonly used network scanning tool. As penetration testers, Nmap is a tool we use daily that is indispensable for verifying configurations and identifying potential vulnerabilities.The post Vulnerability Scanning with Nmap appeared first on Black Hills Information Security, Inc..

en-US

How to Use Dirsearch

Author Archives - Black Hills Information Security, Inc. ·

2025/07/02

Dirsearch is an open-source multi-threaded “web path discovery” tool first released in 2014. The program, written in Python, is similar to other tools such as Dirbuster or Gobuster, and aims to quickly find hidden content on web sites.The post How to Use Dirsearch appeared first on Black Hills Information Security, Inc..

en-US

Espanso: Text Replacement, the Easy Way

Author Archives - Black Hills Information Security, Inc. ·

2025/05/28

Espanso is a powerful cross-platform and open-source text replacement (or text expander) tool. At a simple level: it replaces what you type with something else.The post Espanso: Text Replacement, the Easy Way appeared first on Black Hills Information Security, Inc..

en-US

How to Root Android Phones

Author Archives - Black Hills Information Security, Inc. ·

2025/04/23

This blog will cover how to root an AVD emulator and a physical Pixel 6. But before we cover those topics, let's cover what it is we will be doing and some of the pro/cons of rooting an Android phone.The post How to Root Android Phones appeared first on Black Hills Information Security, Inc..

en-US

Getting Started with AI Hacking: Part 1

Author Archives - Black Hills Information Security, Inc. ·

2025/04/02

You may have read some of our previous blog posts on Artificial Intelligence (AI). We discussed things like using PyRIT to help automate attacks. We also covered the dangers of […]The post Getting Started with AI Hacking: Part 1 appeared first on Black Hills Information Security, Inc..

en-US

How to Test Adversary-in-the-Middle Without Hacking...

Author Archives - Black Hills Information Security, Inc. ·

2025/03/24

In this video, Michael Allen discusses how to test Adversary-in-the-Middle attacks without using hacking tools. He delves into the intricacies of credential harvesting, the evolution of multi-factor authentication (MFA), and how attackers adapt their strategies to bypass security measures. The post How to Test Adversary-in-the-Middle Without Hacking Tools appeared first on Black Hills Information Security, Inc..

en-US

Why Your Org Needs a Penetration Test Program

Author Archives - Black Hills Information Security, Inc. ·

2025/03/10

This webcast originally aired on February 27, 2025. Join us for a very special free one-hour Black Hills Information Security webcast with Corey Ham & Kelli Tarala on why your […] The post Why Your Org Needs a Penetration Test Program appeared first on Black Hills Information Security.

en-US

Wi-Fi Forge: Practice Wi-Fi Security Without Hardware

Author Archives - Black Hills Information Security, Inc. ·

2025/02/27

In the world of cybersecurity, it’s important to understand what attack surfaces exist. The best way to understand something is by first doing it. Whether you’re an aspiring penetration tester, […]The post Wi-Fi Forge: Practice Wi-Fi Security Without Hardware appeared first on Black Hills Information Security.

en-US

Avoiding Dirty RAGs: Retrieval-Augmented Generation...

Author Archives - Black Hills Information Security, Inc. ·

2025/02/20

RAG connects pre-trained LLMs with current data sources. Moreover, a RAG system can use many data sources. The post Avoiding Dirty RAGs: Retrieval-Augmented Generation with Ollama and LangChain appeared first on Black Hills Information Security.

en-US

GRC for Security Managers: From Checklists to Influence

Author Archives - Black Hills Information Security, Inc. ·

2025/01/27

This webcast was originally aired on January 16, 2025. In this video, Kelli K. Tarala and CJ Cox discuss the challenges and strategies for improving governance, risk, and compliance (GRC) […]The post GRC for Security Managers: From Checklists to Influence appeared first on Black Hills Information Security.

en-US

Indecent Exposure: Your Secrets are Showing

Author Archives - Black Hills Information Security, Inc. ·

2025/01/09

by moth Hard-coded cryptographic secrets? In my commercially purchased, closed-source software? It’s more likely than you think. Like, a lot more likely. This blog post details a true story of […]The post Indecent Exposure: Your Secrets are Showing appeared first on Black Hills Information Security.

en-US

Creating Burp Extensions: A Beginner’s Guide

Author Archives - Black Hills Information Security, Inc. ·

2025/01/06

In this video, Dave Blandford discusses a beginner's guide to creating Burp Suite extensions. The session covers an overview of what Burp extensions are, how they can improve testing capabilities, and the tools and languages used in developing them. The post Creating Burp Extensions: A Beginner’s Guide appeared first on Black Hills Information Security.

en-US

Pitting AI Against AI: Using PyRIT to Assess Large...

Author Archives - Black Hills Information Security, Inc. ·

2024/12/19

Many people have heard of ChatGPT, Gemini, Bart, Claude, Llama, or other artificial intelligence (AI) assistants at this point. These are all implementations of what are known as large language […] The post Pitting AI Against AI: Using PyRIT to Assess Large Language Models (LLMs) appeared first on Black Hills Information Security.

en-US

The Top Ten List of Why You Got Hacked This Year...

Author Archives - Black Hills Information Security, Inc. ·

2024/12/12

by Jordan Drysdale and Kent Ickler tl;dr: BHIS does a lot of penetration testing in both traditional and continuous penetration testing (CPT) formats. This top ten style list was derived […]The post The Top Ten List of Why You Got Hacked This Year (2023/2024) appeared first on Black Hills Information Security.

en-US

Intro to Data Analytics Using SQL

Author Archives - Black Hills Information Security, Inc. ·

2024/12/02

In this video, Ethan Robish discusses the fundamentals and intricacies of data analytics using SQL. The post Intro to Data Analytics Using SQL appeared first on Black Hills Information Security.

en-US

The Detection Engineering Process

Author Archives - Black Hills Information Security, Inc. ·

2024/11/18

This webcast was originally published on November 8, 2024. In this video, Hayden Covington discusses the detection engineering process and how to apply the scientific method to improve the quality […] The post The Detection Engineering Process appeared first on Black Hills Information Security.

en-US

QEMU, MSYS2, and Emacs: Open-Source Solutions to Run...

Author Archives - Black Hills Information Security, Inc. ·

2024/10/24

As a tester, I do all my work inside a Virtual Machine (VM). Recently, I found myself in a situation where I needed to get a VM on a Windows […]The post QEMU, MSYS2, and Emacs: Open-Source Solutions to Run Virtual Machines on Windows appeared first on Black Hills Information Security.

en-US

Clear, Concise, and Comprehensive: The Formula for...

Author Archives - Black Hills Information Security, Inc. ·

2024/10/17

A lot of emphasis and focus is put on the investigative part of SOC work, with the documentation and less glamorous side of things brushed under the rug. One such […] The post Clear, Concise, and Comprehensive: The Formula for Great SOC Tickets appeared first on Black Hills Information Security.

en-US

473 results

Author Archives - Black Hills Information Security, Inc.

All Episodes

Similar Podcasts

Expres Ráno

Expres FM

PBS News Hour - Full Show

PBS News

CD Voice

China Daily

Israel Today: Ongoing War Report

Noa Levi

Jeffrey Epstein: The Coverup Chronicles

Bobby Capucci