Classic BHIS Webcasts

Why are companies still recommending an 8-character password minimum?  Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend 8-character minimum passwords based on outdated data.  Download Slides: https://www.activecountermeasures.com/presentations Chapters(00:00) - Start (01:04) - Introduction (03:26) - In The Beginning (04:23) - What The Experts Say : PCI (05:55) - What The Experts Say : Microsoft (09:29) - What The Experts Say : NIST (16:01) - What The Experts Say : Google (16:28) - What The Experts Say : Apple (16:42) - Still More Experts (17:49) - Why 15 Characters (18:06) - Brute Force (18:44) - Password Spray (22:48) - Password Cracking (23:25) - A Hashing Algorithm (24:07) - More About Hashes (25:49) - So What Is Password Cracking (27:16) - Windows Hashes (27:42) - The LM Hashing Algorithm (29:46) - LM Hash Is "Weak" (30:55) - LM Vs. NTLM Cracking (31:14) - Why 15 Character Passwords – Answer (32:06) - CJ's Response to the Problem (36:32) - Let's See the Mathm (37:09) - Math Examples (40:30) - From the Field (42:47) - Would You Like To Play A Game? (45:03) - Take Aways (46:46) - Are You Really Going To Let This Guy Decide (48:33) - Audience Questions & Comments

Join us in the Black Hills InfoSec Discord server here: https://discord.gg/BHIS to keep the security conversation going! Reach out to Black Hills Infosec if you need pentesting, threat hunting, ACTIVE SOC, incident response, or blue team services -- https://www.blackhillsinfosec.com/ 00:00 - Preshow Announcements03:27 - Disclaimer07:30 BYOD and Cloud; Network Blocks12:41 - Eyewitness17:11 - Shodan/ images.shodan.io24:30 - Scraping Users with Google and Burp; Password Spraying30:22 - Attacking Google 2FA; Phishing Ruse35:03 - Credsniper42:14 - Getting Documents; Changing Firewall45:02 - Takeaways49:27 - Q&A Description: For this next installment of our Attack Tactics webcast series, John Strand looks at an environment that had no Active Directory. This is odd, but it's becoming more and more common for new companies to have everything in the "cloud" and everything BYOD. This is also a great case-study on how to access services like Git, Slack, Gsuites, Salesforce and so on, because even if you are still using AD, you WILL be moving to the cloud. This webcast is for everyone.Finally, as testers, we need to evolve our testing to be able to successfully test these cloud services. This means we all need to up our game and be ready for the next round of cloud-based enterprise technologies!Slides can be found here: https://www.blackhillsinfosec.com/webcast-attack-tactics-3/Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/bhisBlack Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/  Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Active Countermeasures YouTube: https://youtube.com/activecountermeasures Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/ #bhis #infosec

Special guest Lee Kagan from RedBlack Security talks about his script, his previous guest posts and the future of C2 with Beau Bullock and Sierra.Check out these links:How to Build a C2 Infrastructure with Digital Ocean – Part 1How to Build a C2 Infrastructure with Digital Ocean – C2K RevampedBeau Bullock’s github: MailSniper, PassphraseGen et alLee Kagan’s github: C2Kv2Wild West Hackin’ Fest – our annual information security conference in Deadwood, South Dakota!

Join us in the Black Hills InfoSec Discord server here: https://discord.gg/BHIS to keep the security conversation going! Join David "Fletch" and Sally as they explore the cornucopia of wonderful, free tools in the SysInternals Suite that conveniently are signed by Microsoft and that they use on a daily basis to hack their customers.🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/bhisBlack Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Active Countermeasures YouTube: https://youtube.com/activecountermeasures Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining

Join us in the Black Hills InfoSec Discord server here: https://discord.gg/BHIS to keep the security conversation going! Reach out to Black Hills Infosec if you need pentesting, threat hunting, ACTIVE SOC, incident response, or blue team services -- https://www.blackhillsinfosec.com/ Chapters(00:00) - Intro (01:00) - Overview (02:48) - Email (09:15) - Google Capture (13:36) - Duo TwoFactor (16:15) - Proxy Cannon (17:56) - SOCAT (18:39) - Demo (22:28) - Password Spraying (26:47) - Invoke Username Harvest (28:56) - Invoke Spray Gmail (34:16) - PowerShell Oneliner (35:47) - MailSniper Repository (36:40) - Tools for Metadata (38:40) - PowerMeta (39:20) - SSO (40:53) - Google API (41:26) - Does MailSniper work with Office365 (42:32) - Does MailSniper work with G Suites (44:18) - Will Microsoft shut down GitHub Join Matt Toussain as he talks about Mailsniper, a tool written by our very own Beau Bullock. Wouldn't you like to START your pen tests knowing every username for all the individuals in your target environment? Gmail, G Suite, Outlook Web Access, Exchange Web Services... Email. A divine gift issued to hackers with no statute of limitations. In this webcast, we explore an exploitation workflow using new features of the MailSniper toolkit testing G Suite. In addition to leveraging G Suites as an Information disclosure engine, we explore the signaling involved with the Google Accounts authentication API. This allows us to observe and bypass protections Google attempts to implement such as Captchas and even 2FA. We close out with a demonstration of mass account enumeration and password guessing attacks!Slides available here: https://www.blackhillsinfosec.com/webcast-testing-g-suites-with-mailsniper/ Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/bhis Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections  Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/  Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/  Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/  Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Active Countermeasures YouTube: https://youtube.com/activecountermeasures Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/ #bhis  #infosec

Join us in the Black Hills InfoSec Discord server here: https://discord.gg/BHIS to keep the security conversation going! Learn active defense cyber deception with John Strand from Antisyphon Training: https://www.antisyphontraining.com/active-defense-cyber-deception-w-john-strand/00:00 - Preshow Announcements 03:00 - Overview04:51 - Defense against recon10:56 - Other recon findings11:11 - First and second attempts; Defense22:30 - John Strand Snowball of Pain25:23 - Password Spray34:45 - OWA Access; Defense36:55 - OWA Access and Pull down the Global Address List; Looking for VPN Instructions; Defense45:24 - Mailsniper Searching/Defense; VPN Access Defense; Honeybadger49:57 - Defense against Domain Recon/SIM; Kerberoasting/GPP and Defense53:54 - Using Creds and Moving Laterally/Defense57:16 - Secondary C2 Defense58:30 - Tips Description: This is the second part of John's series about Attack Tactics. In the first part we discussed how we'd attack. Now, we cover the same attack, but this time we are covering the defensive components the organization could have implemented to stop us every step of the way. "We cover event logs, new vendors, SIEM, UBEA and yes... I hate to say it... Cyber Kill Chain. Remember, the goal is to make your next pentester cry; to make hackers give up and most importantly to have puppies and kittens everywhere love you." - JohnBlack Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/  Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Active Countermeasures YouTube: https://youtube.com/activecountermeasures Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/#bhis #infosec

John is starting a new series of webcasts called Attack Tactics. This first part  is a step-by-step walk-through of an attack BHIS launched against a customer, with just a few obfuscating tweaks. He covers the tools, how we used them and any other tricks we had to pull out for the attack.The second will be co-hosted by our sister company Active Countermeasures and will go through the defensive side. Stay tuned for more details about that!