Hey folks! THURSDAY - BHIS Webcast Join us for a free one-hour webcast with the Black Hills Information Security (BHIS) ANTISOC Continuous Penetration Testing team. Learn how we test our client's security daily and take home tools and techniques to try yourself. Isn’t this

Programmers Can you relate? By Naomi Kramer.

"I gave a webcast on penetration testing methodology a while back, and someone asked me afterward how I use AI in my methodology/workflow. At the time, my answer was 'I don’t.'" Read more: blackhillsinfosec.com/penetration-te… Augmenting Penetration Testing Methodology with Artificial

**NEW** BHIS | Blog Are you logging security events for Active Directory Certificate Services (ADCS)? Detecting ADCS Privilege Escalation by: Alyssa Snow Published: 7/17/2025 Learn more: blackhillsinfosec.com/detecting-adcs…

We just wrapped up another fantastic webcast with the ANTISOC team! Let's continue learning by revisiting a past webcast with Hayden Covington! He taught us how applying scientific principles to detection engineering can dramatically improve your threat detection program,

PROMPT# is Back! This issue of PROMPT# is written by the ANTISOC team at Black Hills Information Security, and it highlights the fascinating work they do. Order a copy here -- spearphish-general-store.myshopify.com/products/promp… if you receive a 404 code that means we can't ship to your location however

"This is a foolproof guide to intercepting traffic from mobile applications built on Flutter, which historically have been especially challenging to intercept." Read more: blackhillsinfosec.com/intercepting-t… Intercepting Traffic for Mobile Applications that Bypass the System Proxy by:

"There are definitely opportunities for us to leverage AI to improve efficiency and performance in our work as penetration testers." Read more: blackhillsinfosec.com/penetration-te… Arcanum Cyber Security Bot by: Craig Vincent Published: 6/25/2025

BACKDOORS & BREACHES - CARD OF THE DAY Have you experienced this? Deck: Core Deck 2.2 Attack/Procedure Type: Initial Compromise Attack/Procedure: Password Spray Tools: SprayingToolkit - github.com/byt3bl33d3r/Sp… FireProx - github.com/ustayready/fir… Hydra - github.com/vanhauser-thc/…

Last week the ANTISOC Team joined us for a free one-hour webcast! We learned the details of how they operate, working to improve our customers security every day, and take home tools and techniques that you can try yourself! Watch the full webcast here --

Join us for this week's ⁠infosec-news stories with the @Black Hills Infosec team live at 4:30pm ET on Mondays -- youtube.com/live/ETrIveKbz…

Hey folks! WEDNESDAY - Antisyphon Training Anticast Join a free one-hour training with Tanya Janca to learn 30 tips for writing secure JavaScript. You'll learn what to do, what to avoid, and how to use open-source tools. Tanya will teach JavaScript-specific threats like XSS and

"This blog will cover how to root an AVD emulator and a physical Pixel 6." Read more: blackhillsinfosec.com/how-to-root-an… How to Root Android Phones by: Dave Blandford Published: 4/23/2025

We heard rumors of this person..... You can order your copy of the ANTISOC issue here -- spearphish-general-store.myshopify.com/products/promp… Unfortunately if you receive a 404 error code that means we currently can't ship to your location however you can read the entire issue for free right here on

Holy Crap… this was fun. #SDCC2025 Thanks to Dent, and my fellow panelists, Joseph Keatinge of REKCAH! Comics and Black Hills Information Security, and Adam Cecchetti - (e/acc) The Future really is ****** 😉

**NEW** BHIS | Blog Are there any wireless devices on your network that you don't know about? Hunt for Weak Spots in Your Wireless Network with Airodump-ng from the Aircrack-ng Suite by: Sean Verity Learn more: blackhillsinfosec.com/hunt-for-weak-…

Heck Yeah!

"In this blog, we’ll explore the different phases of a social engineering penetration test." Read more: blackhillsinfosec.com/how-to-design-… How to Design and Execute Effective Social Engineering Attacks by Phone by: John Malone Published: 06/18/2025

"Hidden (or unlinked, if you prefer) content on websites can lead to security issues in multiple ways." Learn more: blackhillsinfosec.com/how-to-use-dir… How to Use Dirsearch by: Sullo Published: 7/2/2025

Hayden Covington thinks Python is a good coding language for working with SOAR. What is you favorite? Learn more about SOAR in his upcoming Anticast which you can register for here --events.zoom.us/ev/AhtN0G034ZZ…