AI-Powered Application Penetration Testing—Scale Security Without Compromise Learn More

bishopfox-logo-grey
Get Started

Resource Center

Discover offensive security resources ranging from reports and guides to our latest webcasts and livestreams.

Customer Stories Datasheets Guides Methodologies Reports Virtual Sessions View All
Featured Resources
Guides

LLM-Assisted Vulnerability Research

LLM-Assisted Vulnerability Research
Read Guide
Guides

Red Team Readiness Guide

Red Team Readiness Guide
Read Guide
Solution Briefs

Application Portfolio Penetration Testing Solution Brief

Application Portfolio Penetration Testing Solution Brief
Read Briefing
Workshops & Training

Building Tools: What, When, and How

Building Tools: What, When, and How
Watch Workshop
Workshops & Training

Reverse Engineering Mobile Apps

Reverse Engineering Mobile Apps

Presentation from BSides Las Vegas 2019 demonstrates the successful exploitation of transit system mobile apps.

Watch Workshop
Customer Stories

Securing Boost.Beast

Securing Boost.Beast
A Non-Traditional Source Code Review Securing the Foundation of Thousands of Web Applications.
Read Story
Workshops & Training

Twist & Shout: Ferris Bueller's Guide to Abuse Domain Permutations

Twist & Shout: Ferris Bueller's Guide to Abuse Domain Permutations

Presentation from Sqr00t 2019 explores the ins and outs of domain abuse, and how to prevent it.

Watch Workshop
Workshops & Training

Check Your Privilege (Escalation)

Check Your Privilege (Escalation)

Presentation from BSides Columbus 2019 discusses common privilege escalation paths on Linux systems.

Watch Workshop
Workshops & Training

Network Penetration Testing Toolkit: Netcat, Nmap, and Metasploit Basics

Network Penetration Testing Toolkit: Netcat, Nmap, and Metasploit Basics

Presentation from Day of Shecurity 2019 familiarizes you with the necessary tools to continue your ethical hacking journey.

Watch Workshop
Workshops & Training

Introduction to Linux - Privilege Escalation Methods

Introduction to Linux - Privilege Escalation Methods

Presentation from Day of Shecurity 2019 explores privilege escalation methods in Linux.

Watch Workshop
Workshops & Training

Pose a Threat: How Perceptual Analysis Helps Bug Hunters

Pose a Threat: How Perceptual Analysis Helps Bug Hunters

Presentation from OWASP AppSec California 2019 offers up dirty tricks to optimize the hunt for security exposures.

Watch Workshop
Customer Stories

Coinbase: Managing Security Through Collaboration

Coinbase: Managing Security Through Collaboration
Combining the HackerOne Platform with Bishop Fox Security Consultants.
Read Story
Customer Stories

Change Healthcare: Securing a Competitive Advantage

Change Healthcare: Securing a Competitive Advantage
As their business expanded, we were there to help Change Healthcare grow and evolve their security posture.
Read Story
Customer Stories

Securing Mobile Security with Bluebox

Securing Mobile Security with Bluebox
Software Security Meets Cybersecurity. Bluebox needed a vendor to conduct a mobile security assessment of their solution. Bishop Fox established that security was the foundation of their software.
Read Story
Customer Stories

Iotium: Securing an Industrial IoT Platform

Iotium: Securing an Industrial IoT Platform

IoTium, a solution designed for the Industrial Internet of Things (IIoT), enlisted Bishop Fox to verify the security of their product offering.

Read Story
Workshops & Training

Drone Hacking: Wireless Mouse Flyby Hijack with DangerDrone

Drone Hacking: Wireless Mouse Flyby Hijack with DangerDrone

Some quick live footage of flying the Danger Drone, a free penetration testing platform from Bishop Fox.

Watch Workshop
Customer Stories

Zephyr Health: Building a Healthy Security Program

Zephyr Health: Building a Healthy Security Program

Designed a security program that meets the highest privacy standards to protect sensitive patient health data.

Read Story
Workshops & Training

Weaponizing Machine Learning

Weaponizing Machine Learning
At risk of appearing like mad scientists, reveling in our latest unholy creation, we proudly introduce you to DeepHack: the open-source hacking AI. This bot learns how to break into web applications using a neural network, trial-and-error, and a frightening disregard for humankind.
Watch Workshop
Workshops & Training

DEF CON 25 (2017) - Game of Drones

DEF CON 25 (2017) - Game of Drones
We’ve taken a MythBusters-style approach to testing the effectiveness of a variety of drone defense solutions, pitting them against our DangerDrone. Videos demonstrating the results should be almost as fun for you to watch as they were for us to produce. Expect to witness epic aerial battles against an assortment of drone defense types.
Watch Workshop
Workshops & Training

Drone Hacking: Defeating Net Defense Products with a Protective Chicken Wire Cage

Drone Hacking: Defeating Net Defense Products with a Protective Chicken Wire Cage
Defeating net-based drone defense products by using a protective chicken wire bubble would defeat the majority of net drone defensive products which rely on the net getting caught in the propellers to take down the drone.
Watch Workshop
Workshops & Training

Drone Hacking: SKYNET Shotgun Shells - Drone Net Shell Testing

Drone Hacking: SKYNET Shotgun Shells - Drone Net Shell Testing
Defeating net-based drone defense products by using a protective chicken wire bubble: The SKYNET 12 gauge shotgun shells blew a hole right through our chicken wire protective cage.
Watch Workshop
Virtual Sessions

Weaponizing Machine Learning: Humanity Was Overrated Anyway

Weaponizing Machine Learning: Humanity Was Overrated Anyway
A video teaser to Bishop Fox's "DeepHack" program, presented at DEF CON 25 on July 29th.
Watch Session
Workshops & Training

DeepHack Demo - Exploiting SQLi by Using an Open-source Hacking AI Tool

DeepHack Demo - Exploiting SQLi by Using an Open-source Hacking AI Tool
At risk of appearing like mad scientists, reveling in our latest unholy creation, we proudly introduce you to DeepHack: the open-source hacking AI. This bot learns how to break into web applications using a neural network, trial-and-error, and a frightening disregard for humankind.
Watch Workshop
Workshops & Training

Lord of the Bing - Search Engine Hacking

Lord of the Bing - Search Engine Hacking
This presentation picks up the subtle art of search engine hacking at the current state and discusses why these techniques fail. We will then reveal several new search engine hacking techniques that have resulted in remarkable breakthroughs against both Google and Bing.
Watch Workshop
Workshops & Training

How We Can Stop Email Spoofing

How We Can Stop Email Spoofing
According to our research, 98 percent of the internet is not protected against email spoofing, which is a relatively easy problem to solve. If you’re concerned that your domain may be vulnerable to spoofing, check out SpoofCheck, our tool that diagnoses web and email domains.
Watch Workshop
Workshops & Training

Danger Drone - Arsenal DEMO

Danger Drone - Arsenal DEMO
Some quick live footage of flying the Danger Drone, a free penetration testing platform from Bishop Fox. She handles great!
Watch Workshop
Workshops & Training

Drone Hacking: Live Footage of Danger Drone

Drone Hacking: Live Footage of Danger Drone

Some quick live footage of flying the Danger Drone, a free penetration testing platform from Bishop Fox. She handles great!

Watch Workshop
Workshops & Training

Game Over, Man! – Reversing Video Games to Create an Unbeatable AI Player

Game Over, Man! – Reversing Video Games to Create an Unbeatable AI Player
“Super Smash Bros: Melee.” – Furrowed brows, pain in your thumbs, trash talk your Mom would blush to hear. What started as a fun coding project in response to a simple dare grew into an obsession that encompassed the wombo-combo of hacking disciplines including binary reverse engineering, AI research, and programming.
Watch Workshop
Load More

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.