AI-Powered Application Penetration Testing—Scale Security Without Compromise Learn More

bishopfox-logo-grey
Get Started

Technical Research

Technical Research

Breaking HTTPS in the IoT: Practical Attacks For Reverse Engineers

Breaking HTTPS in the IoT: Practical Attacks For Reverse Engineers

Jun 30, 2020

Bishop Fox's Nathan Elendt discusses three attack techniques for performing Man-in-the Middle attacks against production-grade, HTTPS-protected Things.

By Nathan Elendt
Technical Research

How to Set Up Your Hardware Lab

How to Set Up Your Hardware Lab

Jun 23, 2020

Jordan Parkin discusses hardware hacking and the tools and equipment for setting up a budget-friendly lab for product security reviews and device research.

By Jordan Parkin
Technical Research

RMIScout: Safely and Quickly Brute-Force Java RMI Interfaces for Code Execution

RMIScout: Safely and Quickly Brute-Force Java RMI Interfaces for Code Execution

May 26, 2020

Open source RMIScout performs wordlist and brute-force attacks against exposed Java RMI interfaces to safely guess method signatures without invocation.

By Jake Miller
Technical Research

The TL;DR on TF-IDF: Applied Machine Learning

The TL;DR on TF-IDF: Applied Machine Learning

Apr 9, 2020

Joe Sechman and Greg Mortensen discuss how machine learning algorithms help keep up with constantly changing attack surfaces to detect more vulnerabilities

By Greg Mortensen, Joe Sechman
Technical Research

GadgetProbe: Exploiting Deserialization to Brute-Force the Remote Classpath

GadgetProbe: Exploiting Deserialization to Brute-Force the Remote Classpath

Feb 17, 2020

GadgetProbe is a tool to probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on a remote Java classpath.

By Jake Miller
Technical Research

How to Set Up Zniffer for Z-Wave

How to Set Up Zniffer for Z-Wave

Feb 12, 2020

Bishop Fox helps hardware security testers with a detailed step-by-step process for setting up a Z-Wave Zniffer, a wireless communications protocol.

By Priyank Nigam
Technical Research

Dufflebag: Uncovering Secrets in Exposed EBS Volumes

Dufflebag: Uncovering Secrets in Exposed EBS Volumes

Feb 3, 2020

Dufflebag is an open source tool that allows users to quickly look through public Amazon EBS volumes for snapshots of references to their organizations.

By Dan Petro
Technical Research

Escalator to the Cloud: 5 Privesc Attack Vectors in AWS

Escalator to the Cloud: 5 Privesc Attack Vectors in AWS

Dec 19, 2019

Identify what to look out for to mitigate or remove AWS privilege escalation. Gerben Kleijn sorted the 21 methods across AWS services in five categories.

By Gerben Kleijn
Technical Research

Well, That Escalated Quickly: Privilege Escalation in AWS

Well, That Escalated Quickly: Privilege Escalation in AWS

Dec 19, 2019

For security professionals performing AWS cloud security reviews or pen tests. Explore methods that can be used in practice and explained clearly to clients.

By Gerben Kleijn
Technical Research

CVE-2019-18935: Remote Code Execution via Insecure Deserialization in Telerik UI

CVE-2019-18935: Remote Code Execution via Insecure Deserialization in Telerik UI

Dec 12, 2019

Telerik UI for ASP.NET AJAX insecurely deserializes JSON objects resulting in arbitrary RCE. Learn how to patch and securely configure this software.

By Caleb Gross
Technical Research

SFDC Secure Development Cheat Sheet

SFDC Secure Development Cheat Sheet

Dec 11, 2019

This guide helps developers build secure Salesforce web applications, whether the goal is to pass the AppExchange review or improve an application’s security.

By Zach Julian
Technical Research

Reasonably Secure Electron

Reasonably Secure Electron

Nov 21, 2019

Many still consider the Electron framework insecure. This research describes how to effectively design applications that defend against attacks.

By Joe DeMesy
Technical Research

Glossary of Relevant AWS Terms

Glossary of Relevant AWS Terms

Oct 28, 2019

All entry text is from the AWS Glossary Version 1.0.

By Gerben Kleijn
Technical Research

Breaching the Trusted Perimeter | Automating Exploitation

Breaching the Trusted Perimeter | Automating Exploitation

Sep 12, 2019

Automating Exploitation of a Pulse SSL VPN Arbitrary File Read Vulnerability

By Jon Williams
Technical Research

Meet Eyeballer: An AI-powered, Open Source Tool for Assessing External Perimeters

Meet Eyeballer: An AI-powered, Open Source Tool for Assessing External Perimeters

Aug 8, 2019

Eyeballer is an AI-powered, open-source tool designed to help assess large-scale external perimeters. Eyeballer video explainer included.

By Dan Petro, Gavin Stroy
Technical Research

A How-To Guide for Using ZigDiggity, the Zigbee Hacking Toolkit

A How-To Guide for Using ZigDiggity, the Zigbee Hacking Toolkit

Aug 7, 2019

ZigDiggity is a new, open source hacking toolkit designed for testing Zigbee-enabled systems.

By Francis Brown, Matt Gleason
Technical Research

A How-To Guide for Using Sliver

A How-To Guide for Using Sliver

Aug 5, 2019

Sliver is a general purpose cross-platform implant framework that supports C2 over Mutual-TLS, HTTP(S), and DNS.

By Joe DeMesy, Ronan Kervella
Technical Research

A Need for Vigilance in Open Source Software: Dolibarr CRM Advisory Release

A Need for Vigilance in Open Source Software: Dolibarr CRM Advisory Release

Jul 31, 2019

Bishop Fox researcher Priyank Nigam highlights the need for vigilance in open source security. He provides an overview of the vulnerabilities he found in Dolibarr ERP CRM.

By Priyank Nigam
Technical Research

Going Semi-Automated in an Automated World: Using Human-in-the-Loop Workflows to Improve Our Security Tools

Going Semi-Automated in an Automated World: Using Human-in-the-Loop Workflows to Improve Our Security Tools

Jul 18, 2019

GitGot is a Bishop Fox tool that browses GitHub for sensitive secrets. It's the brainchild of Jake Miller, and you can read more about it in this blog post.

By Jake Miller
Technical Research

GitGot Tool Release

GitGot Tool Release

Jul 18, 2019

GitGot is a Bishop Fox tool that browses GitHub for sensitive secrets. It's the brainchild of Jake Miller, and you can learn how to use it in this write-up.

By Jake Miller
Technical Research

An Introduction to AWS Cloud Security

An Introduction to AWS Cloud Security

Aug 28, 2018

If you're a newcomer to the slightly intimidating world of AWS cloud security, let this primer by Bishop Fox serve as your first jump into a world that you can navigate with some time and patience.

By Gerben Kleijn
Technical Research

A Guide to AWS S3 Buckets Security

A Guide to AWS S3 Buckets Security

Jul 10, 2018

The blog post serving as an intro to our guide on AWS S3 buckets security best practices. Download our guide for more technical information on how you can keep your AWS environment safe.

By Gerben Kleijn
Technical Research

Why You Need IDontSpeakSSL in Your Life

Why You Need IDontSpeakSSL in Your Life

Jun 26, 2018

Get the scoop on IDontSpeakSSL, the network pentesting tool created by Bishop Fox's Florian Nivette. To read about how it works, check out the blog post which explains the difference between it and it

By Florian Nivette
Technical Research

Server-Side Spreadsheet Injection - Formula Injection to Remote Code Execution

Server-Side Spreadsheet Injection - Formula Injection to Remote Code Execution

Jun 11, 2018

Bishop Fox's Jake Miller explains server-side spreadsheet injection, an attack vector based on CSV injection, in this technical write-up based off his Empire Hacking Meetup presentation.

By Jake Miller
Load More

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.