Executive brief on how PCI DSS 4.0 affects offensive security practices, penetration testing, and segmentation testing. Watch Now

Featured Workshops & Training

Workshop: Sliver - Getting Started & 1.6 Features

Watch an interactive workshop led by Bishop Fox Senior Security Consultant, Tim Ghatas, as we dive into Sliver, the open-source C2 framework making waves in Red Team ops.

Presentation slide titled ‘Patch Perfect: Harmonizing with LLMs to Find Security Vulns’ by Bishop Fox, featuring Caleb Gross and Josh Shomo, shown at RVAsec cybersecurity conference.
Workshops & Training

Patch Perfect: Harmonizing with LLMs to Find Security Vulns

This talk led by Bishop Fox researchers Caleb Gross & Josh Shomo cuts through the hype and offers a practical perspective that’s grounded in real-world analysis of critical bugs in widely used products.

Traeger Video Card Template
Workshops & Training

Where there’s smoke…: How a Traeger vulnerability could have put grilling season at risk

Bishop Fox Security Consultant, Nisk Cerne discovered and worked with Traeger Grills to disclose a vulnerability in the company’s embedded Wi-Fi Controller that allows users to connect to and control their grills remotely.

Headshot with Alissa Gilbert and livestream title, "Come WiFind Me"
Workshops & Training

Come WiFind Me: WiFi & Other RF Surveillance

Join Alissa Gilbert (dnsprincess) as she dispels myths around RF tracking, negates some fears, and gives completely new ones in its place.

Pwing the Domain with Silver Framework with purple and black background.
Workshops & Training

Sliver Mastery: Dominating Active Directory Through Advanced Trust Exploitation

Senior security expert Jon Guild demonstrates how to use the Sliver C2 framework to develop advanced offensive security skills. Arm yourself with the knowledge and skills of enumeration, lateral movement, and escalation techniques from first-hand experience in a vulnerable lab environment.

Screenshot of a Cloud Security Podcast interview featuring a demo of CloudFoxable, a gamified cloud hacking sandbox developed by the Bishop Fox cloud penetration testing team.
Workshops & Training

CloudFoxable: A Practical Demo of AWS Cloud Security Misconfiguration Attacks

Watch the CloudFoxable demo to see a gamified cloud hacking sandbox where users can find latent attack paths in an intentionally vulnerable AWS environment.

Video thumbnail featuring the speaker headshot, Jon Guild, and the title of the webcast: How to Ace the OSEP exam with the Sliver Framework.
Workshops & Training

Ace the OSEP Exam with Sliver Framework

Unlock the secrets of passing the OSEP exam with our senior security expert, Jon Guild. Join us as Jon shares his invaluable tips and tricks for conquering this benchmark exam designed for penetration testers.

Subscribe to our blog and advisories

Be first to learn about latest tools, advisories, and findings.

Bishop Fox WTV EDR Bypass OG
Workshops & Training

How Attackers Slip Past EDR: A Live Look at LoLBins in Action

Watch the second episode of our What the Vuln livestream series as we explore how to bypass endpoint detection and response (EDR) with native Windows binaries to gain advanced post-exploitation control.

Bishop Fox Livestream Zimbra Tile
Workshops & Training

CVE Spotlight: Breaking Down Zimbra’s RCE Vulnerabilities

Watch the inaugural episode of our What the Vuln livestream series as we examine Zimbra Zip Path Traversal vulnerabilities, CVE-2022-27925 and CVE-2022-37042.

Tool Talk Episode 9 webcast title in neon letters on dark background with Matt Keeley and Joe Sechman headshots presenting the security tool Spoofy.
Workshops & Training

Spoofy in Action: Advancing Domain Spoofing Detection

Learn how to efficiently identify subdomain takeover vulnerabilities using Spoofy, an open-source tool that automates the assessment process and helps protect your organization from potential subdomain spoofing attacks.

Bishop Fox Tool Talk Episode 8 asminject.py
Workshops & Training

Process Injection on Linux: A Deep Dive into asminject.py

Watch as we explore Bishop Fox’s very own asminject.py, a code injection tool that tampers with trusted Linux processes to capture sensitive data and change program behavior.

Bishop Fox Tool Talk episode 7 CloudFox to find exploitable attack paths in cloud infrastructure presented by three security consultants
Workshops & Training

CloudFox in Action: Mapping Exploitable Paths in AWS

Watch as we explore Bishop Fox’s very own CloudFox, a command line tool that helps offensive security practitioners navigate unfamiliar cloud environments and find exploitable attack paths in cloud infrastructure. Tune in to our livestream for a demo of CloudFox!

Sandeep Singh featured headshot for exclusive session on the Nuclei security tool demo.
Workshops & Training

The Mind Behind Nuclei, Demo with Sandeep Singh

Join co-founder of ProjectDiscovery, Sandeep Singh, for a demo of the new Nuclei tool.

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.