Resources / Blogs

Black Hills Information Security (BHIS)

Practical offensive security and Kerberos abuse

Black Hills Information Security (BHIS) logo

Black Hills Information Security (BHIS) has become a cornerstone of the security community through their commitment to education, tool development, and accessible training. Founded by John Strand, BHIS is known for democratizing offensive security knowledge.


Why Follow This Blog

BHIS stands out for making complex security topics accessible while maintaining technical depth. Their “pay what you can” training model and extensive free content have helped countless security professionals advance their careers.

Key Topics Covered

Kerberos Security

  • Kerberoasting: Comprehensive guides to service account attacks
  • AS-REP Roasting: Attacking accounts without pre-authentication
  • Delegation Attacks: Constrained and unconstrained delegation abuse
  • Golden/Silver Tickets: Persistence through Kerberos ticket forgery
  • Diamond Tickets: Advanced ticket forging techniques

Active Defense

BHIS pioneered the “active defense” concept:

  • Honeypots: Deployment and monitoring strategies
  • Honeytokens: Detecting unauthorized access
  • Deception Technologies: Confusing and tracking attackers
  • DVWA (Deceptive Virtual Web Application): Web-based honeypots

Penetration Testing

  • Methodology: Structured approaches to engagements
  • Reporting: Effective communication of findings
  • Scope Management: Defining and managing test boundaries
  • Client Communication: Professional engagement handling

Blue Team Operations

  • Log Analysis: Finding evil in security logs
  • Threat Hunting: Proactive threat discovery
  • SIEM Optimization: Getting value from security tools
  • Incident Response: Handling security incidents

Tool Development

  • Attack path visualization contributions
  • Custom queries and analysis techniques
  • Integration with other tools

DVWA and Deception

  • Deceptive technologies
  • Honeypot frameworks
  • Attribution capabilities

Community Tools

  • Scripts and utilities for common tasks
  • Automation tools for testing
  • Detection rule sets

Webcasts and Education

Webcast Series

BHIS hosts regular free webcasts covering:

  • Current attack techniques
  • Tool demonstrations
  • Career development
  • Industry trends

Antisyphon Training

Pay-what-you-can training covering:

  • SOC Core Skills
  • Active Defense and Cyber Deception
  • Attack Emulation Tools
  • Network Traffic Analysis
  • And many more courses

Hack-A-Thons

Regular events combining:

  • Hands-on challenges
  • Community building
  • Prize opportunities
  • Skill development

Visit website → · RSS feed