Resource Center

IoTium, a solution designed for the Industrial Internet of Things (IIoT), enlisted Bishop Fox to verify the security of their product offering.

Some quick live footage of flying the Danger Drone, a free penetration testing platform from Bishop Fox.

Designed a security program that meets the highest privacy standards to protect sensitive patient health data.

At risk of appearing like mad scientists, reveling in our latest unholy creation, we proudly introduce you to DeepHack: the open-source hacking AI. This bot learns how to break into web applications using a neural network, trial-and-error, and a frightening disregard for humankind.

We’ve taken a MythBusters-style approach to testing the effectiveness of a variety of drone defense solutions, pitting them against our DangerDrone. Videos demonstrating the results should be almost as fun for you to watch as they were for us to produce. Expect to witness epic aerial battles against an assortment of drone defense types.

Defeating net-based drone defense products by using a protective chicken wire bubble would defeat the majority of net drone defensive products which rely on the net getting caught in the propellers to take down the drone.

Defeating net-based drone defense products by using a protective chicken wire bubble: The SKYNET 12 gauge shotgun shells blew a hole right through our chicken wire protective cage.

A video teaser to Bishop Fox's "DeepHack" program, presented at DEF CON 25 on July 29th.

At risk of appearing like mad scientists, reveling in our latest unholy creation, we proudly introduce you to DeepHack: the open-source hacking AI. This bot learns how to break into web applications using a neural network, trial-and-error, and a frightening disregard for humankind.

This presentation picks up the subtle art of search engine hacking at the current state and discusses why these techniques fail. We will then reveal several new search engine hacking techniques that have resulted in remarkable breakthroughs against both Google and Bing.

According to our research, 98 percent of the internet is not protected against email spoofing, which is a relatively easy problem to solve. If you’re concerned that your domain may be vulnerable to spoofing, check out SpoofCheck, our tool that diagnoses web and email domains.

Some quick live footage of flying the Danger Drone, a free penetration testing platform from Bishop Fox. She handles great!

Some quick live footage of flying the Danger Drone, a free penetration testing platform from Bishop Fox. She handles great!

“Super Smash Bros: Melee.” – Furrowed brows, pain in your thumbs, trash talk your Mom would blush to hear. What started as a fun coding project in response to a simple dare grew into an obsession that encompassed the wombo-combo of hacking disciplines including binary reverse engineering, AI research, and programming.

CVE-2016-1764, fixed by Apple in March of 2016, is an application-layer bug that leads to the remote disclosure of all message content and attachments in plaintext by exploiting the OS X Messages client.

It is unlikely when a bug affects almost every CDN and it becomes vulnerable, but when this happens the possibilities are endless and potentially disastrous. This is a story of exploit development with fascinating consequences.

Have you ever attended an RFID hacking presentation and walked away with more questions than answers? This talk will finally provide practical guidance for penetration testers on hacking High Frequency (HF - 13.56 MHz) and Ultra-High Frequency (UHF – 840-960 MHz).

It’s possible for a thief to plug a USB drive into Brink’s CompuSafe Galileo, automate hacking the safe, and steal the cash inside. Our video explains this exploit in under 60 seconds.

A vulnerability in the AirDroid application’s web interface made it possible for an attacker to essentially hijack a user’s phone. This video highlights the vulnerability’s implications and how an app’s permissions can become too pervasive.

In this presentation, we explore how to (ab)use free trials to get access to vast amounts of computing power, storage, and pre-made hacking environments.

Take control over your neighbors’ TVs like in the movies! This talk will demonstrate how to hijack any Google Chromecast – even if it’s behind a secure Wi-Fi network – to do your bidding.

Untwister is a tool designed to help pentesters predict random number sequences when an application generates them using an insecure algorithm. This presentation focuses on weaponizing what used to be theoretical into our tool: untwister.

Video Demo - using Bishop Fox's "RickMote Controller" to wirelessly hijack someones nearby TV by taking over their Google Chromecast.

Secured a new voice-enabled speaker at launch by integrating security testing into every stage of development.