UPCOMING SLIVER WORKSHOP: Getting Started & 1.6 Features Learn More

Featured Resource

Red Teaming: Is Your Security Program Ready for the Ultimate Test?

In this webcast, Trevin Edgeworth, Red Team Practice Director, will share key insights from decades of experience to help you determine whether Red Teaming is the right next step.

Read More
Preview cover page of the asminject.py technical guide highlighting the capabilities of it, a Linux code injection security tool.
Guide

asminject.py: Compromise Trusted Linux Processes and Containers

This step-by-step technical guide highlights the capabilities of asminject.py, a code injection tool used to compromise Linux processes and containers.
Tool Talk Episode three: Nuclei security tool with headshots of the four speakers on dark background.
Virtual Session

Tool Talk: Nuclei

In our third edition of the Tool Talk series, we dive into the open-source tool Nuclei, a fast and customizable vulnerability scanner based on simple YAML-based DSL.
Tool Talk Episode 6: Debugging Ruby Exploits
Virtual Session

Tool Talks: Debugging Ruby Exploits

In our sixth edition of the Tool Talk series, we explore a new test harness for discovering and crafting Ruby exploits.
Top 50 Questions to Ask When Evaluating Offensive Security Providers check list first page preview
Guide

Evaluating Offensive Security Solutions: Top 50 Questions to Ask

To ensure your security investments offer complete visibility into your attack surface and uncover critical risks at scale, we've compiled questions to help you evaluate solutions. We focus on six key areas: attack surface discovery, exposure identification, triage, validation, remediation, and outputs.
Headshots of security consultants, Matt Keeley and Joe Sechman presenting episode 2 of Bishop Fox Tool Talks: Fuzzing.
Virtual Session

A Deep Dive Into Fuzzing

Get the buzz on fuzz testing in software development.
Bishop Fox Tool Talk Eyeballer episode 1, now on demand - Spend less time hunting and more time hacking.
Virtual Session

Tool Talk: Eyeballer

In Episode 1 of our Tool Talk series we explore Eyeballer, an AI-powered, open-source tool designed to help penetration testers assess large-scale external perimeters.
Illustration of computer exporting data

Fuzzing: Get the buzz on fuzz testing in software development

This slide deck includes:

  • Fuzzing Basics
  • How Fuzzing Works
  • Popular Fuzzing Tools
Screenshot of video of Dan Petro interviewing John L about the Unredacter challenge
Video

Unredacter Challenge: John L.'s Solution

Challenge Accepted! We asked the security community to take Unredacter to the next level by decoding our secret blurred message. Watch as John L. showcases his solution.
Screenshot of video of Dan Petro interviewing Shawn A about the Unredacter challenge
Video

Unredacter Challenge: Shawn A.'s Solution

Challenge Accepted! We asked the security community to take Unredacter to the next level by decoding our secret blurred message. Watch as Shawn A. showcases his solution.
Video screenshot of Dan Petro interviewing Alejando about the security tool challenge
Video

Unredacter Challenge: Alejandro's Solution

Challenge Accepted! We asked the security community to take Unredacter to the next level by decoding our secret blurred message. Watch as Alejandro showcases his solution.
Bishop Fox Eyeballer ebook cover page
Guide

Eyeballer: Automating Security Triage with Machine Learning

This easy-to-follow guide explores the capabilities of Eyeballer, a first-of-its-kind AI-powered pen testing tool.
SmogCloud video thumbnail with overlay play button.
Video

SmogCloud: Expose Yourself Without Insecurity - Cloud Breach Patterns

Presented at Black Hat 2020, this presentation looks at the most pragmatic ways to continuously analyze your AWS environments and operationalize that information to answer vital security questions. Demonstrations include integration between IAM Access Analyzer, Tiros Reachability API, and Bishop Fox CAST Cloud Connectors, along with a new open source tool SmogCloud to find continuously changing AWS internet-facing services.
Load More

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.