Featured Resource
Red Teaming: Is Your Security Program Ready for the Ultimate Test?
In this webcast, Trevin Edgeworth, Red Team Practice Director, will share key insights from decades of experience to help you determine whether Red Teaming is the right next step.
GWT Java Deserialization: Unpatched and Unauthenticated
Watch our exclusive livestream with Ben Lincoln, Managing Principal at Bishop Fox, to learn about GWT web application vulnerabilities, exploitation strategies, and security enhancement recommendations.
Pwning the Domain with Sliver Framework
Senior security expert Jon Guild demonstrates how to use the Sliver C2 framework to develop advanced offensive security skills. Arm yourself with the knowledge and skills of enumeration, lateral movement, and escalation techniques from first-hand experience in a vulnerable lab environment.
Ace the OSEP Exam with Sliver Framework
Unlock the secrets of passing the OSEP exam with our senior security expert, Jon Guild. Join us as Jon shares his invaluable tips and tricks for conquering this benchmark exam designed for penetration testers.
"Mastering Your Tools Session" - DEF CON 31
In this session, learn from Bishop Fox experts who are at the cutting-edge of developing tools, technologies, and methodologies which they use to uncover vulnerabilities and offer guidance to some of the most elite organizations worldwide.
Tool Talk: jsluice
Tune in to the eleventh episode of our Tool Talk series to hear Tom Hudson speak about jsluice, an open-source, Go package and command-line tool used to extract information from JavaScript files and code.
The Art of Hacking: Livestream from DEF CON 31
Join us Friday, August 11, 2023 for a livestream from DEF CON 31 to hear seasoned hackers and cybersecurity experts uncover the intricacies of ethical hacking and how the hacker spirit can be harnessed to push the boundaries of technology.
Subscribe to our blog and advisories
Be first to learn about latest tools, advisories, and findings.
Thank You! You have been subscribed.
Burp Suite Extensions Explained
Learn how to power up web application security testing with tips on creating customized extensions featuring BurpCage, an extension that replaces any image proxied through Burp Suite leveraging the Montoya API.
Cybersecurity Style Guide v2.0
Designed for security researchers, this guide is an invaluable resource for advice on which cybersecurity terms to use in reports and how to use them correctly.
Tool Talk: Spoofy
Watch to explore Spoofy, a domain spoofing tool that checks whether a list of domains (in bulk) can be spoofed based on SPF and DMARC records.
Greatest Hits: A Compilation of Our Favorite Offensive Testing Tools
What’s better than a Top 10 List? An ultimate guide of all our favorite lists – from red team and cloud penetration tools TO our favorite music to hack to and the best reads for your offensive security journey. We’ve got you covered to level up your penetration testing game with this comprehensive guide of hacking goodies.
The Mind Behind Nuclei, Demo with Sandeep Singh
Join co-founder of ProjectDiscovery, Sandeep Singh, for a demo of the new Nuclei tool.
Tool Talk: Unredacter
In our fourth edition of the Tool Talk series, we dive into Unredacter, a tool created by Dan Petro, Lead Researcher at Bishop Fox, that takes redacted pixelized text and reverses it back to its original text.