Offensive Security Blog

This video showcases leading voices in cybersecurity explaining their examinations into how AI is simultaneously transforming cyber defense and supercharging attacker capabilities. Together, they explored how GenAI is reshaping the threat landscape and what security leaders must do to adapt.

The Promise and Perils of AI: Navigating Emerging Cyber Threats - A Dark Reading Panel

Apr 16, 2025

By Rob Ragan

Bishop Fox's, Alethe Denis, recaps and provides key insights from her talk, Epic Fails and Heist Tales: Red Teaming Toward Truly Tested Security, at Wild West Hackin' Fest.

Epic Fails and Heist Tales: A Red Teamer’s Journey to Deadwood

Mar 31, 2025

By Alethe Denis

In this blog, Bishop Fox's Nick Cerne, will compare developing malware in Rust compared to its C counterparts and develop a simple malware dropper for demonstration.

Rust for Malware Development

Mar 24, 2025

By Nick Cerne

Bishop Fox researcher, Jon Williams, explains how they successfully exploited CVE-2024-53704, an authentication bypass in unpatched SonicWall firewalls.

SonicWall-CVE-2024-53704: Exploit Details

Mar 21, 2025

By Jon Williams

A breakdown of CVE-2025-24813 in Apache Tomcat—what it is, who’s actually at risk, and why most users likely aren’t affected. Keep calm and patch your servers.

Tomcat CVE-2025-24813: What You Need to Know

Mar 18, 2025

By Jon Williams

Bishop Fox researchers successfully reverse-engineered the encryption protecting SonicWall SonicOSX firmware, gaining access to the underlying file system.

Tearing Down (Sonic)Walls: Decrypting SonicOSX Firmware

Feb 24, 2025

By Jon Williams

Bishop Fox researchers have successfully exploited CVE-2024-53704, an authentication bypass affecting the SSL VPN component of unpatched SonicWall firewalls.

SonicWall CVE-2024-53704: SSL VPN Session Hijacking

Feb 10, 2025

By Jon Williams

Explores IVR penetration testing methodologies, common vulnerabilities, and strategies to secure these critical systems against modern threats.

From Dial Tone to Throne: IVR Testing in the Spirit of The King of NYNEX

Feb 5, 2025

By Alethe Denis

Culture

Hacking the Norm: Unique Career Journeys into Cybersecurity

Jan 30, 2025

The unique career journeys of Foxes highlight that passion, curiosity, and a willingness to explore can open doors to impactful roles in cybersecurity. Check out a few of their stories.

By Gerben Kleijn, Nathan Elendt, Katie Ritchie

Explore how Bishop Fox integrates critical thinking into Cosmos development to enhance scalability, flexibility, and velocity. By focusing on outcomes and adopting structured analytical processes, we’ve avoided design pitfalls and empowered our teams to deliver impactful solutions.

Cosmos Series Part 4: Results-Oriented Critical Thinking

Jan 21, 2025

By Aaron Symanski

Learn how Bishop Fox's open-source ranking algorithm, raink, can be used to solve general ranking problems that are difficult for LLMs to process.

raink: Use LLMs for Document Ranking

Jan 14, 2025

By Caleb Gross

Review how Red Team insights can shed light on gaps in physical security and play a pivotal role in enhancing workplace security during the continued transition back to office environments as we relearn verification, protocol, and authorization.

Navigating Workplace Security: Red Team Insights for the Return to Office

Jan 10, 2025

By Alethe Denis

Bishop Fox explores the escalating threat of AI-driven deepfakes in social engineering attacks, highlighting their potential to deceive individuals and organizations by impersonating trusted figures through hyper-realistic audio and video fabrications.

Cyber Mirage: How AI is Shaping the Future of Social Engineering

Jan 8, 2025

By Brandon Kovacs

Discover how automation in code integration, deployment, and infrastructure management has streamlined our operations, enhanced deployment velocity, and improved the consistency of our deliverables.

Cosmos Series Part 3: The Importance of Automation

Jan 7, 2025

By Aaron Symanski

This post explores how Bishop Fox transitioned to an outcome-driven approach for Cosmos development, streamlining processes with success criteria, continuous roadmapping, and data-driven prioritization to deliver more impactful customer solutions.

Cosmos Series Part 2: Outcome-driven for Features and Capabilities

Dec 31, 2024

By Aaron Symanski

In 2023, Bishop Fox reengineered Cosmos to give security teams the speed, scale, and flexibility needed to tackle growing attack surface challenges.

Cosmos Series Part 1: Principles for the New Platform

Dec 17, 2024

By Aaron Symanski

Discover Bishop Fox's survey on the current state of SonicWall appliances on the public internet.

Current State of SonicWall Exposure: Firmware Decryption Unlocks New Insights

Dec 13, 2024

By Bishop Fox Researchers

Culture

Our Favorite Pen Testing Tools: 2024 Edition

Dec 12, 2024

It's time for another hacking tool roundup! We’ve polled our team of experts to bring you the most powerful and innovative penetration testing tools.

By Bishop Fox Researchers

Bishop Fox ASM team gives customers a 24-hour head start against critical PAN-OS vulnerability

Bishop Fox ASM Delivers 24-Hour Head Start Against Critical PAN-OS Vulnerability

Dec 9, 2024

By Caleb Gross

Discover Bishop Fox in-depth analysis of SonicWall firewalls, revealing critical insights into firmware security and vulnerability.

Sonicwall Firmware Deep Dive - SWI Firmware Decryption

Dec 2, 2024

By Bishop Fox Researchers

Explore concerns around API security, its unique vulnerabilities, and the need for tailored protection against evolving threats in an API-driven world.

The Growing Concern of API Security

Nov 27, 2024

By Robert Punnett, Nicholas Beacham

Take an in-depth look at multiple approaches to application penetration testing, and the organizational requirements that would favor one approach over another. This blog will explore the different approaches and share key considerations for choosing the best approach for your organization.

Application Pen Testing: Point-In-Time vs Ongoing Approaches Explained

Nov 7, 2024

By Bishop Fox