Hire an Editor – Penetration Test Reporting Tips

If you really, honestly, and truly want to take your reports to the next level, hire an editor.

Report As You Go – Penetration Test Reporting Tips

If what you did does not show up in your pentest report, it didn’t happen. So how do you make sure your report captures everything you did? (First in a series of posts.)

Digital Reconnaissance & Recon Tools

The old adage, “knowledge is power,” is true in general, but in infosec, knowledge is mission critical. Luckily, there are a lot of tools to make recon easier.

Learn One. Do One. Teach One.

Building your skill set can seem overwhelming, but if you can break things down into smaller pieces that you share with others, over time you can not only learn a lot of cool stuff, but also help others along the way.

BHIS PreShow Banter Marathon Madness

John Strand and a whole bunch of his friends just spent 24 hours straight talking, joking, telling stories, sharing life experiences, making music, and generally fooling around, all while streaming their shenanigans live over YouTube.

System Hardening 101

“Hardening” is a term used by IT professionals to describe various processes used to make computer systems more secure against different kinds of attacks.

A Brief History of Stuxnet

In 2009 something happened that had never been done before in the history of computer malware. A digital weapon was released with the express purpose of attacking specific machines and causing them to fail, sometimes spectacularly.

The Rise and Fall of RC4

RC4 is a stream cipher with a variable-length key, and it was once the go-to cipher for web encryption. Then someone figured out how to break it.