Executive brief on how PCI DSS 4.0 affects offensive security practices, penetration testing, and segmentation testing. Watch Now

Bishop Fox Labs

Collaborative Analysis. Real-World Impact.

Our offensive security experts are dedicated to finding creative solutions to difficult security problems and then sharing that information freely. 

We believe the only way to advance the state of security is to collaborate with the broader community, and we do our best to contribute tools, research, and knowledge that can improve the security and privacy of data and systems. We hope our work has real impact on real lives. It's what inspires us every day.

Technical Blog Posts Check Out Advisories

Driven by Mission & Vision

We're committed to innovation and openly sharing information.

News Insights

Hear from our security experts on the latest happenings in the news from regulation updates to hacks around the world.

Hear from Experts

Vulnerability Intelligence

Get in-depth insights into the latest vulnerabilities found and explored by our offensive security experts.

Get the Latest

Security Advisories

Dive into the latest security bulletins and advisories curated by our expert team at Bishop Fox, encapsulating cutting-edge insights into the rapidly evolving cybersecurity landscape.

Read the Advisories

Hacking Tools

Augment your cybersecurity capabilities with an arsenal of tools and cutting-edge research, meticulously developed by Bishop Fox's team of seasoned, expert professionals.

Download the Tools

Training Sessions

Watch our training sessions to expand your continued education and give you a leg-up against threat actors in your hacking endeavors.

Watch the Sessions

Technical Guides

Download our detailed technical guides for an advanced look at frameworks, tools, and more.

Download the Guides
left

Expert-driven insights into the latest happenings

News Insights

Interview-style video recordings highlighting one individual that answers a question or discusses a relevant cybersecurity news topic. The goal is to showcase BF thought leadership on newsworthy topics on our website and across our social media channels.

Read More Intelligence
Traeger Video Card Template
Workshops & Training

Where there’s smoke…: How a Traeger vulnerability could have put grilling season at risk

Bishop Fox Security Consultant, Nisk Cerne discovered and worked with Traeger Grills to disclose a vulnerability in the company’s embedded Wi-Fi Controller that allows users to connect to and control their grills remotely.

Learn More
Screenshot of Caleb Gross in a video for News Insights focused on the Invanti vulnerability
Executive Briefing

The Zero-Day Arms Race: Why Asset Management Trumps Vulnerability Whack-a-Mole

Caleb Gross, Director of Capability Development, gives his insight on the dynamics of exploit creation and execution and what organizations can do to not only mitigate risk from this event, but also stay focused on minimizing exposure across the business.

Learn More
Video screenshot of security researcher Justin Rhinehart
Executive Briefing

Behind closed (but vulnerable) doors: How do we get research like Unsaflok?

Justin Rhinehart distills for us and the broader public how this type of “marquee” research comes to market in an ethical and responsible way. Watch Now!

Learn More
Trevin Edgeworth, Red Team Practice Director at Bishop Fox, presenting a News Insights segment titled ‘Does X Mark a Target?’ in a virtual video discussion.
Executive Briefing

News Insights: Does X Mark a Target? with Trevin Edgeworth, Director of Red Team

In light of the recent security breaches involving Bitcoin and SEC’s X account, our Red Team Practice Director, Trevin Edgeworth, analyzes the role of fluctuating security programs in these incidents. He discusses how attackers exploit confusion, communication gaps, and vague policies, and identifies weak points in shared security responsibility.

Learn More
Video player with Trevin Edgeworth, Red Team Practice Director
Executive Briefing

What Unpatched Vulnerabilities Reveal: A Red Teamer's Perspective by Trevin Edgeworth, Director of Red Team

Bishop Fox's Red Team Director, Trevin Edgeworth, spotlights two notable vulnerabilities - left unpatched for years on end and discusses how unpatched vulnerabilities can wreak havoc on businesses. One, an unpatched six-year-old flaw in Microsoft Office, the other in Google Web Toolkit (GWT), unaddressed for eight years.

Learn More
Video of Alethe Denis, Security Expert - Red Team, discussing 23AndMe Hack.

News Insights: 23AndMe with Alethe Denis, Security Expert - Red Team

Alethe Denis, a Bishop Fox Senior Red Team consultant and Social Engineering expert, reveals her quick-take perspective on what she sees as different about the 23AndMe breach, and how it’s viewed by someone who is a career social engineer.

Learn More
left

In-Depth Findings

Vulnerability Intelligence

Insights include the origins and technical components of the vulnerability, how pen testers can find and exploit the vulnerability, and the relative business impact the vulnerability can have on an organization.

Read More Intelligence
Banner with text Traeger Grill Hack
Technical

Jul 02, 2024

Product Security Review Methodology for Traeger Grill Hack

By Nick Cerne

Headshot of Chris Scrivana with blog title, Unmask IAM Permissions
Technical

Jun 06, 2024

The Unmask IAM Permission: API Gateway Access Logging

By Chris Scrivana

Vulnerability intelligence tab with text 'Patch Your Firewalls: Pan-OS CVE-2024-3400'
Technical

Apr 19, 2024

PAN-OS CVE-2024-3400: Patch Your Palo Alto Firewalls

By Bishop Fox

Hacker on computer with multiple hacking windows
Technical

Mar 21, 2024

The iSOON Disclosure: Exploring the Integrated Operations Platform

By Bishop Fox

Black and dark purple background with white and teal letters and banners.
Technical

Mar 08, 2024

Further Adventures in Fortinet Decryption

By Bishop Fox

Dark purple and black background with white and teal font.
Technical

Mar 01, 2024

CVE-2024-21762 Vulnerability Scanner for FortiGate Firewalls

By Bishop Fox

Dark purple background with teal and white neon letter.
Technical

Jan 15, 2024

It’s 2024 and Over 178,000 SonicWall Firewalls are Publicly Exploitable

By Jon Williams

What the Vuln logo in neon and teal letters with dark purple background.
Technical

Oct 27, 2023

Building an Exploit for FortiGate Vulnerability CVE-2023-27997

By Bishop Fox

Dark purple background with purple, teal, and white letters. What the Vuln title with Analysis and Exploitation of CVE-2023-3519.
Technical

Aug 04, 2023

Analysis and Exploitation of CVE-2023-3519

By Caleb Gross

Bishop Fox WTV EDR Bypass OG
Workshops & Training

How Attackers Slip Past EDR: A Live Look at LoLBins in Action

Watch the second episode of our What the Vuln livestream series as we explore how to bypass endpoint detection and response (EDR) with native Windows binaries to gain advanced post-exploitation control.

Learn More
What the Vuln series with purple background, neon purple, white, and teal letters of title Breaking Fortinet Firmware Encryption and Bishop log in bottom left.
Technical

Aug 02, 2023

Breaking Fortinet Firmware Encryption

By Jon Williams

What the Vuln neon logo with the subtitle: Technical Series Quartely Roundup subtitle and featuring a fox in a hoody pointing to the logo..

What the Vuln Series: Quarterly Roundup

Watch the third episode of our What the Vuln technical series as we share the most intriguing vulnerabilities that we encountered in Q2 2023 and how we hacked them.

Learn More
What the Vuln series: Citrix ADC RCE title and vulnerability intelligence tab
Technical

Jul 21, 2023

Citrix ADC Gateway RCE: CVE-2023-3519 is Exploitable, and 53% of Servers Are Unpatched

By Caleb Gross, Jon Williams

Dark purple background What the Vuln neon purple letters and title in blue and white code font letters and numbers.
Technical

Jun 30, 2023

CVE-2023-27997 Is Exploitable, and 69% of FortiGate Firewalls Are Vulnerable

By Caleb Gross

District Con 2025 Decryption Firmware with Sonicrack video logo with play button.
Technical Briefing

Tearing Down (Sonic)Walls: Reverse-Engineering SonicOSX Firmware Encryption

Researchers walk through cracking SonicOSX: extracting keys, decrypting firmware, and analyzing its architecture at DistrictCon 2025.

Learn More
left

Responsible Disclosure Program

Security Advisories

We're proud to participate in Responsible Disclosures, where we expose vulnerabilities identified by Foxes in the course of company-sponsored research or during client engagements.

Explore All Advisories
Gauge showing high severity reading for a security advisory for EzAdsPro “BlackBox” application.
Advisory

Jul 02, 2024

Traeger Grill D2 Wi-Fi Controller, Version 2.02.04

By Nick Cerne

Gauge showing high severity reading for a security advisory for EzAdsPro “BlackBox” application.
Advisory

Jun 17, 2024

ExpressionEngine, Version 7.3.15

By Matthieu Keller

Gauge showing high severity reading for a security advisory for EzAdsPro “BlackBox” application.
Advisory

Jun 20, 2023

TaskCafe, Version 0.3.2 Advisory

By Joan Bono, Luis De la Rosa Hernandez

Gauge showing high severity reading for a security advisory for EzAdsPro “BlackBox” application.
Advisory

Apr 13, 2023

WP Coder, Version 2.5.3 Advisory

By Etan Castro Aldrete

Security Vulnerability Gauge showing a low severity reading FileStack Upload Advisory
Advisory

Apr 04, 2023

Microsoft Intune, Version 1.55.48.0 Advisory

By Ben Lincoln

Gauge with medium severity reading for FlowscreenComponents Basepack, Version 3.0.7 Advisory. Mautic Version <=3.2.2 Advisory. eCatcher Desktop, Version 6.6.4 Advisory.
Advisory

Apr 04, 2023

Windows Task Scheduler Application, Version 19044.1706 Advisory

By Ben Lincoln

Gauge showing high severity reading for a security advisory for EzAdsPro “BlackBox” application.
Advisory

Jan 25, 2023

EzAdsPro BlackBox Advisory

By Dan Petro

Training session title: Swagger Jacker Training about improved auditing of OpenAPI Definition Files with the headshot os security consultant Tony West, a Bishop Fox adversarial operator.

LIVE ON YOUTUBE, LINKEDIN, TWITTER

New Tool: Swagger Jacker, Improving Auditing of OpenAPI Definition Files

Discover the power of Swagger Jacker, an open-source audit tool designed to improve inspection of unintentionally exposed OpenAPI definition files for penetration testers.

Watch the On-Demand Session

Try Popular Tools from Bishop Fox

A Hacker's Tool Kit

Sliver

Emulate threats and demonstrate the risk of a breach.

Sliver is a cross-platform general purpose implant framework designed to be an open-source alternative to Cobalt Strike. It supports asymmetrically encrypted C2 over DNS, HTTP, HTTPS, and Mutual TLS, and supports multiplayer mode for collaboration.

Get Sliver

CloudFox

Find exploitable attack paths in cloud infrastructure.

CloudFox is a command line tool created to help penetration testers and other offensive security professionals find exploitable attack paths in cloud infrastructure. It currently supports AWS.

Get CloudFox

Broken Hill

An attack tool for large language models (LLM).

Broken Hill is a productionized Greedy Coordinate Gradient (CGC) attack tool for use against large language models.

Get Broken Hill
See Available Tools
left

Learn from the Experts

Training Sessions

Catch our training sessions whether they are livestreams showcasing how to use Bishop Fox's elite open-source tools, in-depth Discord workshops, or interviews of security influencers and leaders at major conferences like RSA and DEF CON.

Watch the Sessions
Headshot of Senior Security Consultant Brandon Kovacs
Virtual Session

Cyber Mirage: How AI is Shaping the Future of Social Engineering

In this webcast, Senior Security Consultant Brandon Kovacs aims to illuminate the sophisticated capabilities that AI brings to the table in creating hyper-realistic deepfakes and voice clones.

Learn More
2024 Q3 Livestream Def Con General Tile
Virtual Session

Bishop Fox Livestream at DEF CON 32

Join us for a livestream from DEF CON 32 to hear seasoned hackers and cybersecurity experts inspire and empower the tech community to reclaim the security landscape through active engagement and innovation.

Learn More
Headshot of speaker Rob Ragan with copy text "Testing LLM Algorithms While AI Tests Us"
Virtual Session

Testing LLM Algorithms While AI Tests Us

The presentation delves into securing AI & LLMs, covering threat modeling, API testing, red teaming, emphasizing robustness & reliability, sparking conversation on our interactions with GenAi.

Learn More
Headshot with Alissa Gilbert and livestream title, "Come WiFind Me"
Workshops & Training

Come WiFind Me: WiFi & Other RF Surveillance

Join Alissa Gilbert (dnsprincess) as she dispels myths around RF tracking, negates some fears, and gives completely new ones in its place.

Learn More
Webcast title plus headshot of the two speakers, Chistie Terrill and Tom Eston.
Virtual Session

Cyber Resilience: Tactics for Post-Attack Recovery 

Join Christie Terrill and Tom Eston as they share practical advice on the proactive security measures you can take today and provide a space to ask our security experts your most pressing questions.

Learn More
Pwing the Domain with Silver Framework with purple and black background.
Workshops & Training

Sliver Mastery: Dominating Active Directory Through Advanced Trust Exploitation

Senior security expert Jon Guild demonstrates how to use the Sliver C2 framework to develop advanced offensive security skills. Arm yourself with the knowledge and skills of enumeration, lateral movement, and escalation techniques from first-hand experience in a vulnerable lab environment.

Learn More
Video thumbnail featuring the speaker headshot, Jon Guild, and the title of the webcast: How to Ace the OSEP exam with the Sliver Framework.
Workshops & Training

Ace the OSEP Exam with Sliver Framework

Unlock the secrets of passing the OSEP exam with our senior security expert, Jon Guild. Join us as Jon shares his invaluable tips and tricks for conquering this benchmark exam designed for penetration testers.

Learn More
Purple gradient background with headshot of speaker on left side.
Virtual Session

OWASP ASVS: Unlocking Stronger Application Security

Join offensive security expert Shanni Prutchi in this livestream as she shares her analysis of the 278 verification requirements listed in OWASP's Application Security Verification Standard (ASVS). Learn how to generate test cases and gain insights to effectively test your applications against the standard.

Learn More
The Art of Hacking neon logo on dark background.

The Art of Hacking: Livestream from DEF CON 31

Join us Friday, August 11, 2023 for a livestream from DEF CON 31 to hear seasoned hackers and cybersecurity experts uncover the intricacies of ethical hacking and how the hacker spirit can be harnessed to push the boundaries of technology.

Learn More
The art & science of cuber leadership neon logo on dark purple background.

The Art & Science of Cyber Leadership: A Livestream from RSAC 2023

Join us for a livestream from RSA Conference to explore cybersecurity leadership through multiple lenses. Get perspectives from CISOs, industry authorities, cyber-focused investors, and security founders on topics that are top of mind for today’s security leaders.

Learn More
left

Written For Security Practitioners

Technical Guides

Unlock the secrets of cybersecurity with our in-depth technical guides. Delve into advanced frameworks, explore cutting-edge tools, and elevate your digital defenses.

Download the Guides
OWASP ASVS Demystified digital guide on purple lock background.
Guides & Report

OWASP ASVS Demystified: A Practical Guide to Web Application Security Testing

In this technical guide, offensive security expert Shanni Prutchi provides analysis of the entire 278 verification requirements listed in OWASP's ASVS standard to assist in the generation of test cases and provide context to companies looking to test their applications against the standard.

Learn More
Preview cover page of the asminject.py technical guide highlighting the capabilities of it, a Linux code injection security tool.
Guides & Report

asminject.py: Compromise Trusted Linux Processes and Containers

This step-by-step technical guide highlights the capabilities of asminject.py, a code injection tool used to compromise Linux processes and containers.

Learn More
Bishop Fox Penetration Testing Resource Guide preview
Guides & Report

Penetration Testing Resource Guide

This handy guide provides a list of great resources for learning to be a pen tester.

Learn More
Vintage vinyl record sleeve featuring a purple fox with Greatest hits of offensive testing tools in 2022. Greatest Hits: A Compilation of Our Favorite Offensive Testing Tools.
Guides & Report

Greatest Hits: A Compilation of Our Favorite Offensive Testing Tools

What’s better than a Top 10 List? An ultimate guide of all our favorite lists – from red team and cloud penetration tools TO our favorite music to hack to and the best reads for your offensive security journey. We’ve got you covered to level up your penetration testing game with this comprehensive guide of hacking goodies.

Learn More
Illustration of 3 documents next to each other
Guides & Report

Breaking & Entering: A Pocket Guide for Friendly Remote Admins

This user-friendly guide offers a comprehensive offensive security roadmap for sysadmins, penetration testers, and other security professionals.

Learn More
Preview of the Bishop Fox cybersecurity style guide pamphlet on dark purple background.
Guides & Report

Cybersecurity Style Guide v2.0

Designed for security researchers, this guide is an invaluable resource for advice on which cybersecurity terms to use in reports and how to use them correctly.

Learn More

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.