Featured Resource
LLM-Assisted Vulnerability Research
Explore Bishop Fox's experimental research into applying Large Language Models to vulnerability research and patch diffing workflows. This technical guide presents methodology, data, and insights from structured experiments testing LLM capabilities across high-impact CVEs, offering a transparent look at where AI shows promise and where challenges remain.
Demystifying 5G Security: Understanding the Registration Protocol
In this hands-on workshop, Senior Security Consultant Drew Jones will break down the fundamentals of the 5G registration protocol, explore where security gaps can emerge, and walk through a live simulated lab demonstrating real-world vulnerabilities.
CloudFox: Cloud Enumeration for Penetration Testing
In this session, Mitchell Sperling, Senior Security Consultant at Bishop Fox, will demonstrate how he uses CloudFox during cloud penetration tests to quickly enumerate large cloud environments and identify interesting attack paths.
Sliver Workshop Part 2: Staging & Automation
In our second workshop, we’ll explore Sliver’s new implant staging process and demonstrate basic CLI automation features. We’ll also walk through Sliver’s supported pivot types for lateral movement, including TCP, and wrap up by exploring automation options using the SliverPy project.
Sliver Workshop Part 1: Getting Started & 1.6 Features
Watch an interactive workshop led by Bishop Fox Senior Security Consultant, Tim Ghatas, as we dive into Sliver, the open-source C2 framework making waves in Red Team ops.
Exploiting Java Deserialization in GWT: From Detection to Command Execution
Watch our exclusive livestream with Ben Lincoln, Managing Principal at Bishop Fox, to learn about GWT web application vulnerabilities, exploitation strategies, and security enhancement recommendations.
Sliver Mastery: Dominating Active Directory Through Advanced Trust Exploitation
Senior security expert Jon Guild demonstrates how to use the Sliver C2 framework to develop advanced offensive security skills. Arm yourself with the knowledge and skills of enumeration, lateral movement, and escalation techniques from first-hand experience in a vulnerable lab environment.
Subscribe to our blog
Be first to learn about latest tools, advisories, and findings.
Thank You! You have been subscribed.
Ace the OSEP Exam with Sliver Framework
Unlock the secrets of passing the OSEP exam with our senior security expert, Jon Guild. Join us as Jon shares his invaluable tips and tricks for conquering this benchmark exam designed for penetration testers.
Offensive Security Arsenal: Building and Mastering Custom Security Tools
In this session, learn from Bishop Fox experts who are at the cutting-edge of developing tools, technologies, and methodologies which they use to uncover vulnerabilities and offer guidance to some of the most elite organizations worldwide.
JavaScript Vulnerability Mining: Mastering jsluice for Advanced Web App Testing
Tune in to the eleventh episode of our Tool Talk series to hear Tom Hudson speak about jsluice, an open-source, Go package and command-line tool used to extract information from JavaScript files and code.
Hacker Evolution: From Technical Mastery to Visionary Leadership
Join us Friday, August 11, 2023 for a livestream from DEF CON 31 to hear seasoned hackers and cybersecurity experts uncover the intricacies of ethical hacking and how the hacker spirit can be harnessed to push the boundaries of technology.
Powering Up Burp Suite: Building Custom Extensions for Advanced Web Application Testing
Learn how to power up web application security testing with tips on creating customized extensions featuring BurpCage, an extension that replaces any image proxied through Burp Suite leveraging the Montoya API.
Cybersecurity Style Guide v2.0
Designed for security researchers, this guide is an invaluable resource for advice on which cybersecurity terms to use in reports and how to use them correctly.