Executive brief on how PCI DSS 4.0 affects offensive security practices, penetration testing, and segmentation testing. Watch Now

Featured Workshops & Training

Workshop: Sliver - Getting Started & 1.6 Features

Watch an interactive workshop led by Bishop Fox Senior Security Consultant, Tim Ghatas, as we dive into Sliver, the open-source C2 framework making waves in Red Team ops.

Read More
Illustration of computer exporting data
Workshops & Training

Fuzzing: Get the buzz on fuzz testing in software development

This slide deck includes:

  • Fuzzing Basics
  • How Fuzzing Works
  • Popular Fuzzing Tools
Screenshot of video of Dan Petro interviewing John L about the Unredacter challenge
Workshops & Training

Unredacter Challenge: John L.'s Solution

Challenge Accepted! We asked the security community to take Unredacter to the next level by decoding our secret blurred message. Watch as John L. showcases his solution.
Screenshot of video of Dan Petro interviewing Shawn A about the Unredacter challenge
Workshops & Training

Unredacter Challenge: Shawn A.'s Solution

Challenge Accepted! We asked the security community to take Unredacter to the next level by decoding our secret blurred message. Watch as Shawn A. showcases his solution.
Video screenshot of Dan Petro interviewing Alejando about the security tool challenge
Workshops & Training

Unredacter Challenge: Alejandro's Solution

Challenge Accepted! We asked the security community to take Unredacter to the next level by decoding our secret blurred message. Watch as Alejandro showcases his solution.
Cover slide of presentation: What Bad could Happen? Managing Application risk with Threat Modeling
Workshops & Training

Managing Application Security Risk with Threat Modeling
Screenshot of Yael Barsuto presenting at BSides Las Vegas Youtube on ICS Security Assessments 101
Workshops & Training

13th B-Sides Las Vegas - ICS Security Assessments 101 or How da Fox I Test Dis?

We have seen many ICS attacks both in the news and in several talks at security conferences. They show how ICS protocols are insecure by default and how we can mess with control components so easily. However, from a consulting point of view, are we really asking our ICS clients to let us mess with their critical infrastructure just to show what we already know?
Video thumbnail of Tom Eston and his agenda slide while presenting at BSides Las Vegas 2022
Workshops & Training

13th BSides Las Vegas - Management Hacking 101

Tom Eston, AVP of Consulting at Bishop Fox, shares his best advice for becoming a successful manager and leader in the security industry.
SmogCloud video thumbnail with overlay play button.
Workshops & Training

SmogCloud: Expose Yourself Without Insecurity - Cloud Breach Patterns

Presented at Black Hat 2020, this presentation looks at the most pragmatic ways to continuously analyze your AWS environments and operationalize that information to answer vital security questions. Demonstrations include integration between IAM Access Analyzer, Tiros Reachability API, and Bishop Fox CAST Cloud Connectors, along with a new open source tool SmogCloud to find continuously changing AWS internet-facing services.
Cover slide deck expose yourself without insecurity blackhat arsenal 2020
Workshops & Training

SmogCloud: Expose Yourself Without Insecurity - Cloud Breach Patterns

Black Hat USA 2020 presentation looks at pragmatic ways to answer vital security questions in your AWS environment.
Dufflebag uncovering secrets in exposed ebs volumes Video Thumbnail
Workshops & Training

Dufflebag Deep Dive: Uncovering Secrets in Exposed EBS Volumes

In this video, Dan Petro demonstrates how the Bishop Fox open source tool Dufflebag works.
Watch our Derpcon 2020 demystifying capture the flags ctfs video
Workshops & Training

DerpCon 2020 - Demystifying Capture The Flags (CTF)s

In the talk: Demystifying CTFs, Barrett Darnell will provide an overview of CTF formats, the skills they require and the experience they develop, and conclude with a plethora of CTF resources for those wanting to participate.
Watch our Derpcon 2020 Video: ham hacks breaking into the world of software defined radio with kelly albrink
Workshops & Training

Ham Hacks: Breaking into the World of Software Defined Radio

If you’re a hacker who has always been too afraid of RF protocols to try getting into SDRs, or you have a HackRF collecting dust in your closet, this talk will show you the ropes.
Load More

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.