Resource Center

DerpCon 2020 presentation reviews how .NET deserialization works and how to get shells on real applications.

DerpCon 2020 presentation explores how to find, capture, and reverse-engineer RF signals.

DerpCon 2020 presentation on CTF formats, the skills they require, and the experience they develop.

When Salesflare knew they needed to complete the new, required security assessment for the G Suite Marketplace, they chose Bishop Fox to secure their CRM product and verify their compliance.

When Google needed to ensure that their user data was being handled securely, they partnered with Bishop Fox to design a security assessment program that could validate the security posture of their 1,000+ G Suite partners. The result: the largest and most successful public third-party ecosystem testing program ever.

Presentation from BSides Atlanta 2020 explores the unprecedented level of exposures in the Cloud and how they can be found.

Presentation from BSides Tampa 2020 explores the vulnerabilities of machine learning systems and how to mitigate them.

Presentation from BSides San Francisco 2020 offers practical advice for security writers.

Secured a new voice-enabled speaker at launch by integrating security testing into every stage of development.

Existing Zigbee hacking solutions have fallen into disrepair, having barely been maintained, let alone improved upon. Left without a practical way to evaluate the security of Zigbee networks, we've created ZigDiggity, a new open-source pentest arsenal from Bishop Fox.

In this talk, Ben Morris shows how he found all sorts of secrets and associated data—passwords, SSH private keys, TLS certificates, application source code, API keys, and anything else that might be stored on a server hard disk.

Presentation from Black Hat USA 2019 reveals an open-source pentest arsenal for Zigbee networks.

Presentation from Kapersky SAS 2019 on an unfortunate side effect to achieving HTTPS everywhere and learn what can be done to mitigate the risk.

Validated products against real-world attack scenarios, delivering the transparency and assurance promised to customers.

Presentation from BSides Las Vegas 2019 demonstrates the successful exploitation of transit system mobile apps.

A Non-Traditional Source Code Review Securing the Foundation of Thousands of Web Applications.

Presentation from Sqr00t 2019 explores the ins and outs of domain abuse, and how to prevent it.

Presentation from BSides Columbus 2019 discusses common privilege escalation paths on Linux systems.

Presentation from Day of Shecurity 2019 familiarizes you with the necessary tools to continue your ethical hacking journey.

Presentation from Day of Shecurity 2019 explores privilege escalation methods in Linux.

Presentation from OWASP AppSec California 2019 offers up dirty tricks to optimize the hunt for security exposures.

Combining the HackerOne Platform with Bishop Fox Security Consultants.

As their business expanded, we were there to help Change Healthcare grow and evolve their security posture.

Software Security Meets Cybersecurity. Bluebox needed a vendor to conduct a mobile security assessment of their solution. Bishop Fox established that security was the foundation of their software.