Auditing GitLab: The CI/CD Kill Chain 2026-06-03 True BHIS True Bad Habits: An ANTISOC Operation 2026-05-27 True BHIS True Signed, Trusted, and Abused: Proxy Execution via WebView2 2026-04-15 True BHIS True Lessons From A Chatbot Incident 2026-03-25 True BHIS True The “P” in PAM is for Persistence: Linux Persistence Technique 2026-03-04 True BHIS True When the SOC Goes to Deadwood: A Night to Remember 2026-02-04 True BHIS True The Curious Case of the Comburglar 2025-12-18 True BHIS True Inside the BHIS SOC: A Conversation with Hayden Covington 2025-12-03 True BHIS True Abusing Delegation with Impacket (Part 3): Resource-Based Constrained Delegation 2025-11-26 True BHIS True Why You Got Hacked – 2025 Super Edition 2025-11-19 True BHIS True Model Context Protocol (MCP) 2025-10-22 True BHIS True Bypassing WAFs Using Oversized Requests 2025-10-15 True BHIS True Microsoft Store and WinGet: Security Risks for Corporate Environments 2025-09-10 True BHIS True Stop Spoofing Yourself! Disabling M365 Direct Send 2025-08-20 True BHIS True Detecting ADCS Privilege Escalation 2025-07-23 True BHIS True Abusing S4U2Self for Active Directory Pivoting 2025-06-11 True BHIS True Caging Copilot: Lessons Learned in LLM Security 2025-05-21 True Bronwen Aker True Augmenting Penetration Testing Methodology with Artificial Intelligence – Part 1: Burpference 2025-05-07 True BHIS True Offline Memory Forensics With Volatility 2025-04-08 True BHIS True Canary in the Code: Alert()-ing on XSS Exploits 2025-03-20 True BHIS True Light at the End of the Dark Web 2025-03-03 True BHIS True Attack Tactics 9: Shadow Creds for PrivEsc w/ Kent & Jordan 2025-01-20 True BHIS True Indecent Exposure: Your Secrets are Showing 2025-01-09 True BHIS True The Top Ten List of Why You Got Hacked This Year (2023/2024) 2024-12-12 True BHIS True Finding Access Control Vulnerabilities with Autorize 2024-11-21 True BHIS True Adversary in the Middle (AitM): Post-Exploitation 2024-11-04 True BHIS True DLL Hijacking – A New Spin on Proxying your Shellcode 2024-10-14 True BHIS True Satellite Hacking 2024-10-03 True BHIS True Proxying Your Way to Code Execution – A Different Take on DLL Hijacking 2024-09-26 True BHIS True Monitoring High Risk Azure Logins 2024-09-12 True BHIS True Auditing GitLab: Public Gitlab Projects on Internal Networks 2024-07-18 True BHIS True DLL Jmping: Old Hollow Trampolines in Windows DLL Land 2024-06-06 True BHIS True Abusing Active Directory Certificate Services (Part 4) 2024-05-30 True BHIS True Red Teaming: A Story From the Trenches 2024-04-18 True BHIS True Can’t Stop, Won’t Stop Hijacking (CSWSH) WebSockets 2024-03-21 True BHIS True Wishing: Webhook Phishing in Teams 2024-03-14 True BHIS True OSINT for Incident Response (Part 2) 2024-03-07 True BHIS True Revisiting Insecure Direct Object Reference (IDOR) 2024-02-08 True BHIS True Bypass NTLM Message Integrity Check – Drop the MIC 2024-02-01 True BHIS True Hunting for SSRF Bugs in PDF Generators 2024-01-11 True BHIS True OSINT for Incident Response (Part 1) 2023-12-07 True BHIS True Abusing Active Directory Certificate Services (Part 3) 2023-11-09 True BHIS True Abusing Active Directory Certificate Services – Part 2 2023-10-12 True BHIS True Abusing Active Directory Certificate Services – Part One 2023-10-05 True BHIS True Stop Phishing Yourself: How Auto-Forwarding and Exchange Contacts Can Stab You in the Back 2023-09-21 True BHIS True Auditd Field Spoofing: Now You Auditd Me, Now You Auditdon’t 2023-05-11 True BHIS True Ssh… Don’t Tell Them I Am Not HTTPS: How Attackers Use SSH.exe as a Backdoor Into Your Network 2023-03-21 True BHIS True Your Browser is Not a Safe Space 2023-03-14 True BHIS True Hit the Ground Running with Prototype Pollution 2023-02-28 True BHIS True Exploit Development – A Sincere Form of Flattery 2023-02-09 True BHIS True 
