Offensive Security Blog

Expert insights on offensive security, AI vulnerabilities, and emerging threats from Bishop Fox's leading security researchers and penetration testers.

Security Perspective

Organized: The Kingpins of Cybercrime

Jul 14, 2022

In this blog, learn about the transformations that cybercrime groups have undergone and why potential victims should pay attention.

By Beth Robinson

Advisory

Netwrix Auditor Advisory

Jul 13, 2022

The Netwrix Auditor application is affected by an insecure object deserialization issue that allows an attacker to execute arbitrary code with the privileges of the affected service.

By Jordan Parkin

Culture

Capture the Flag to Advance Your Hacking Skills

Jul 12, 2022

In this blog, learn why our Foxes enjoy participating in Capture the Flag (CTF) competitions and how it complements their career goals.

By Carlos Cañedo

Security Perspective

Veterans of the Fox Den

Jul 4, 2022

Today (and every day) is the perfect occasion to celebrate our Veterans of the Fox Den. Learn how our veterans served their nation and found cybersecurity as a civilian career path.

By Beth Robinson

Technical Research

An Introduction to Bluetooth Security

Jun 27, 2022

Check out our latest blog to learn about Bluetooth Low Energy (BLE): the BLE stack, how to pen test against it, and why you should get familiar with this technology.

By Saul Arias Mendez

Advisory

FileStack Upload Advisory

Jun 23, 2022

The FileStack Upload application is affected by a cross-site scripting (XSS) vulnerability that allows an attacker to upload SVG files with JavaScript code inside them.

By Carlos Yanez

Security Perspective

A 2022 RSA Conference Recap: IRL Edition

Jun 21, 2022

Didn't make it to RSA 2022? Or haven't had a chance to use your virtual pass? No problem! Check out our blog recap highlighting our favorite sessions and what we loved about them.

By Britt Kemp

Security Perspective

Stepping into the Spotlight at Security Conferences

Jun 13, 2022

In this blog, we share tips and tricks for how to get involved at security conferences, including which events are our favorite, how to submit CFPs, and tips for enhancing speaking presentations.

By Britt Kemp

Technical Research

Using CloudTrail to Pivot to AWS Accounts

Jun 7, 2022

In this blog, we look at how we can utilize the AWS CloudTrail service to discover other AWS accounts that we could pivot to.

By Gerben Kleijn

Technical Research

ripgen: Taking the Guesswork Out of Subdomain Discovery

Jun 1, 2022

ripgen is a super-fast subdomain permutation discovery tool that helps map the full scope of an attack surface. Learn how our Cosmos team uses ripgen to uncover unknown subdomain findings in our clients' environments.

By Justin Rhinehart, Joe Sechman

Technical Research

Call of DeFi: The Battleground of Blockchain

May 24, 2022

Last year, decentralized finance (DeFi) grew tremendously, not only in usage but also in cybersecurity attacks. To understand the risks of these new blockchain technologies and use cases, we analyzed the main hacks that occurred in 2021.

By Dylan Dubief

Technical Research

Ruby Vulnerabilities: Exploiting Dangerous Open, Send and Deserialization Operations

May 17, 2022

Managing Sr. Consultant Ben Lincoln tested a Ruby on Rails application that was vulnerable to three of the most common types of Ruby-specific RCE vulnerabilities. Here is a walkthrough and new test harness that you can use to enable more efficient web application exploitation.

By Ben Lincoln

Advisory

CVE-2022-1388: Scan BIG-IP for Exact Release Versions

May 10, 2022

Worried about your BIG-IP devices and if they are impacted by CVE-2022-1388? We built a scanner that can help you quickly determine if they are running versions that need to be patched. Check it out!

By Caleb Gross

Security Perspective

Getting Schooled in Security: Bishop Fox Academy

May 10, 2022

We recently launched Bishop Fox Academy, a company-wide career development and continuous learning program to uphold our position as an offensive security leader.

By Andrew Wilson

Security Perspective

The Foxes of Mexico: A Security Roundtable

May 1, 2022

In honor of Dia del Trabajo (Labor Day) on May 1, we talked to Foxes in Mexico about their cybersecurity journeys, life at Bishop Fox, Mexico as a tech leader, and any advice they have to fellow Mexicans who want to join the industry.

By Beth Robinson

Security Perspective

Ransomware: How Adversaries are Upping the Ante

Apr 27, 2022

During the last few years, no other cyber threat has dominated headlines as much as ransomware, with SANS even declaring 2020 and 2021 “the years of ransomware”. Explore the latest ransomware trends, including ransomware as decoys, RaaS, and attacks on supply chains.

By Trevin Edgeworth

Technical Research

Our Top 9 Favorite Fuzzers

Apr 19, 2022

In keeping with our new tradition of crowdsourcing pen testing tool topics, it became clear that you wanted more on fuzzing! Learn which fuzzing tools are our pen testers' favorites to add to your security toolbox.

By Britt Kemp

Culture

Cybersecurity Mentors: Why & How to Find Your Match

Apr 12, 2022

We dispel some misconceptions of finding a mentor and provide some straightforward ideas for developing a mentor-mentee relationship, no matter the stage of your career.

By Britt Kemp

Technical Research

Nuclei: Packing a Punch with Vulnerability Scanning

Apr 5, 2022

Nuclei is one of our favorite tools to run more speedy, efficient, customized, AND accurate multi-protocol vulnerability scanning. Learn how our teams use this tool to uncover risks in our clients' environments.

By Matt Thoreson, David Bravo, Zach Zeitlin, Sandeep Singh

Culture

Cyber Talent: Exploring the Ongoing Shortage & Great Resignation

Mar 29, 2022

See how the talent shortage and the Great Resignation movement are impacting the cybersecurity workforce, and learn how Bishop Fox approaches recruiting and retention of cybersecurity talent.

By Beth Robinson

Technical Research

Reports from the Field: Part 3

Mar 22, 2022

In the third part of our “Reports from the Field” series, we’ll explore how attackers utilize all tools available (including open source) to dig for an exploit.

By Wes Hutcherson

Culture

Women of the Fox Den: A Security Roundtable

Mar 15, 2022

In honor of Women’s History Month and the paths ladies are forging in cybersecurity, we talked to Foxes about their cybersecurity journeys, their experiences at Bishop Fox, and any advice they have to other women who may be new to the field.

By Britt Kemp

Technical Research

Reports from the Field: Part 2

Mar 8, 2022

In the second part of our “Reports from the Field” series, we’ll explore exposed configuration files. If you want to check out our first part on reused credentials, visit: Reports from the Field, Part 1.

By Wes Hutcherson

Technical Research

Reports from the Field: Part 1

Mar 1, 2022

In this three-part series, we’ll describe real-world examples that showcase how perceived ‘low-risk’ vulnerabilities can turn into critical, business-impacting issues – especially through attack chaining.

By Wes Hutcherson
