Resource Center

This presentation from Bishop Fox security experts reveals how attackers exploit common cloud misconfigurations to gain unauthorized access to sensitive data, demonstrating why continuous testing is essential for cloud security.

Join Bishop Fox experts Tom Eston, AVP of Consulting and Trevin Edgeworth, Red Team Practice Director as they breakdown why ransomware emulations are the best way to test your defenses.

Watch the second episode of our What the Vuln livestream series as we explore how to bypass endpoint detection and response (EDR) with native Windows binaries to gain advanced post-exploitation control.

Watch the inaugural episode of our What the Vuln livestream series as we examine Zimbra Zip Path Traversal vulnerabilities, CVE-2022-27925 and CVE-2022-37042.

Learn how to efficiently identify subdomain takeover vulnerabilities using Spoofy, an open-source tool that automates the assessment process and helps protect your organization from potential subdomain spoofing attacks.

Join us to learn how ransomware emulation provides safe testing scenarios to uncover ransomware susceptibility in your security environment.

Download this eBook to uncover the factors and inputs used in our customizable ROI calculator that are critical to making the business case for continuous offensive testing. The output of the calculator is intended to help you draw a direct line from investment to risk mitigation that can be communicated to both technical and non-technical decision makers.

Faced with securing complex, connected products, John Deere relied on in-depth product security reviews and ongoing protection through a managed offensive security platform.

In partnership with SANS,we share what our latest report uncovers about the minds and methodologies of modern attackers and how this can help to improve your security posture.

What’s better than a Top 10 List? An ultimate guide of all our favorite lists – from red team and cloud penetration tools TO our favorite music to hack to and the best reads for your offensive security journey. We’ve got you covered to level up your penetration testing game with this comprehensive guide of hacking goodies.

This Red Team methodology document provides an overview of Bishop Fox's approach to Red Team engagements.

Watch as we explore Bishop Fox’s very own asminject.py, a code injection tool that tampers with trusted Linux processes to capture sensitive data and change program behavior.

Tune into our livestream session to hear Skillbridge cybersecurity success stories.

Watch as we explore Bishop Fox’s very own CloudFox, a command line tool that helps offensive security practitioners navigate unfamiliar cloud environments and find exploitable attack paths in cloud infrastructure. Tune in to our livestream for a demo of CloudFox!

Overview of Bishop Fox’s methodology for cloud security reviews.

Join co-founder of ProjectDiscovery, Sandeep Singh, for a demo of the new Nuclei tool.

In our fourth edition of the Tool Talk series, we dive into Unredacter, a tool created by Dan Petro, Lead Researcher at Bishop Fox, that takes redacted pixelized text and reverses it back to its original text.

This step-by-step technical guide highlights the capabilities of asminject.py, a code injection tool used to compromise Linux processes and containers.

Ryan Naraine, Editor at SecurityConversations, interviews Bishop Fox's Co-Founder & CEO Vinnie Liu on the origins and evolution of the pen testing services business.

Illumio, Inc. engaged Bishop Fox to measure the effectiveness of Illumio Core for blue teams to detect and contain a ransomware attack. The report details the findings identified during the course of the engagement, which started on March 10, 2022.

Watch the lineup of leaders & influencers from the infosec community who joined us live at DEF CON 30!

In our third edition of the Tool Talk series, we dive into the open-source tool Nuclei, a fast and customizable vulnerability scanner based on simple YAML-based DSL.

Will Lin, founding team member at ForgePoint Capital (and investor in Bishop Fox) and co-creator of the CISO community Security Tinkerers, discusses his passion for technology and how it led him to a career helping security companies launch, as well as his work supporting CISOs through collaboration and knowledge sharing.

Explore key findings and insights from the CRA Business Intelligence Cloud Security Survey of more than 300 security leaders & practitioners.