Resource Center

Presentation from BSides Tampa 2020 explores the vulnerabilities of machine learning systems and how to mitigate them.

Presentation from BSides San Francisco 2020 offers practical advice for security writers.

Secured a new voice-enabled speaker at launch by integrating security testing into every stage of development.

Existing Zigbee hacking solutions have fallen into disrepair, having barely been maintained, let alone improved upon. Left without a practical way to evaluate the security of Zigbee networks, we've created ZigDiggity, a new open-source pentest arsenal from Bishop Fox.

In this talk, Ben Morris shows how he found all sorts of secrets and associated data—passwords, SSH private keys, TLS certificates, application source code, API keys, and anything else that might be stored on a server hard disk.

Presentation from Black Hat USA 2019 reveals an open-source pentest arsenal for Zigbee networks.

Presentation from Kapersky SAS 2019 on an unfortunate side effect to achieving HTTPS everywhere and learn what can be done to mitigate the risk.

Validated products against real-world attack scenarios, delivering the transparency and assurance promised to customers.

Presentation from BSides Las Vegas 2019 demonstrates the successful exploitation of transit system mobile apps.

A Non-Traditional Source Code Review Securing the Foundation of Thousands of Web Applications.

Presentation from Sqr00t 2019 explores the ins and outs of domain abuse, and how to prevent it.

Presentation from BSides Columbus 2019 discusses common privilege escalation paths on Linux systems.

Presentation from Day of Shecurity 2019 familiarizes you with the necessary tools to continue your ethical hacking journey.

Presentation from Day of Shecurity 2019 explores privilege escalation methods in Linux.

Presentation from OWASP AppSec California 2019 offers up dirty tricks to optimize the hunt for security exposures.

Combining the HackerOne Platform with Bishop Fox Security Consultants.

As their business expanded, we were there to help Change Healthcare grow and evolve their security posture.

Software Security Meets Cybersecurity. Bluebox needed a vendor to conduct a mobile security assessment of their solution. Bishop Fox established that security was the foundation of their software.

IoTium, a solution designed for the Industrial Internet of Things (IIoT), enlisted Bishop Fox to verify the security of their product offering.

Some quick live footage of flying the Danger Drone, a free penetration testing platform from Bishop Fox.

Designed a security program that meets the highest privacy standards to protect sensitive patient health data.

At risk of appearing like mad scientists, reveling in our latest unholy creation, we proudly introduce you to DeepHack: the open-source hacking AI. This bot learns how to break into web applications using a neural network, trial-and-error, and a frightening disregard for humankind.

We’ve taken a MythBusters-style approach to testing the effectiveness of a variety of drone defense solutions, pitting them against our DangerDrone. Videos demonstrating the results should be almost as fun for you to watch as they were for us to produce. Expect to witness epic aerial battles against an assortment of drone defense types.

Defeating net-based drone defense products by using a protective chicken wire bubble would defeat the majority of net drone defensive products which rely on the net getting caught in the propellers to take down the drone.