7 Minute Security30 Joulu 2020

7MS #448: Certified Red Team Professional - Part 3

Today, Gh0sthax and I talk about week 3/4 of the CRTP - Certified Red Team Professional training, and how it's kicking our butts a bit. Key points include:

We agree this is not a certification for folks who are new to pentesting
Don't expect to be following along "live" with the instructor during the training sessions
You'll need to do a flippin' ton of studying and practicing on your own in between the live sessions
As you follow along with the lab exercises, some things won't work - and that might be by design, but the lab manual might not give you a heads-up. In those cases, be sure to check with your classmates in the Discord channel
Problems popping shells? Hint: it might not be a problem with your tools...but with your network/firewalll config!
The more PowerShell skills you can walk into this training with, the better.
We've got to play with some tools that were new(ish) to us:
- PowerUpSQL - check out these awesome cheat sheets too!
- HeidiSQL
- Rubeus
If you're an absolute rockstar in the pentest labs, don't think that you'll breeze right through the exam!
Some pros of this training: fast-moving, super knowledgable instructor. Outstanding content. Super value for the dollar investment - arguably the best pentest training bang for the buck. The labs themselves are quite good and realistic. You get the recordings of the live sessions after they're complete. The course covers some defense against these attacks as well - great to have the blue team perspective!
A few cons: the content might be too fast-moving. It can get easy to become "lost" and forget the objective of what each lab exercise is having you do. Lab manual doesn't necessarily match the PDF slides.

Kokeile Premiumia

Nauti 14 päivää ilmaiseksi

Tilaa Premium

Jaksot(710)

7MS #694: Tales of Pentest Pwnage – Part 77

Hey friends, today I talk about how fun it was two combine two cool pentest tactics, put them in a blender, and move from local admin to mid-tier system admin access (with full control over hundreds o...

26 Syys 202533min

7MS #693: Pwning Ninja Hacker Academy – Part 3

This week your pal and mine Joe "The Machine" Skeen kept picking away at pwning Ninja Hacker Academy. To review where we've been in parts 1 and 2: We found a SQL injection on a box called SQL, got a...

19 Syys 202528min

7MS #692: Tales of Pentest Pwnage – Part 76

Happy Friday! Today's another hot pile of pentest pwnage. To make it easy on myself I'm going to share the whole narrative that I wrote up for someone else: I was on a pentest where a DA account would...

12 Syys 202532min

7MS #691: Tales of Pentest Pwnage – Part 75

Holy schnikes, today might be my favorite tale of pentest pwnage ever. Do I say that almost every episode? yes. Do I mean it? Yes. Here are all the commands/links to supplement today's episode: Got a...

5 Syys 202531min

7MS #690: Tales of Pentest Pwnage – Part 74

Today's tale of pentest pwnage is a classic case of "If your head is buried in the pentest sand, pop it out for a while, touch grass, and re-enumerate what you've already enumerated, because that can ...

29 Elo 202521min

7MS #689: Pwning Ninja Hacker Academy – Part 2

Hello friends! Today your friend and mine, Joe "The Machine" Skeen joins me as we keep chipping away at pwning Ninja Hacker Academy! Today's pwnage includes: "Upgrading" our Sliver C2 connection to...

22 Elo 202515min

7MS #688: Building a Pentest Training Course Is Fun and Frustrating

Today I talk about a subject I love while also driving me crazy at the same time: building a pentest training course! Specifically, I dissect a fun/frustrating GPO attack that I need to build very car...

16 Elo 202522min

7MS #687: A Peek into the 7MS Mail Bag – Part 5

Hi friends, we're doing something today we haven't done in a hot minute: take a dip into the 7MinSec mail bag! Today we cover these questions: If I'm starting a solo business venture as a security co...

11 Elo 202557min

Kaikki yhdessä sovelluksessa

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi yhdessä paikassa.

Sinulle valikoitua sisältöä

Podme-sovelluksessa kokoat suosikkisi helposti omaan kirjastoosi. Saat meiltä myös kuuntelusuosituksia!

Jatka kuuntelua koska tahansa

Voit jatkaa siitä mihin jäit, myös offline-tilassa.

Premium

9,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa

Aloita 14 päivän kokeilu

Premium

13,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa
Yksi lisäkäyttäjä

Kokeile 14 päivää maksutta

Suosittua kategoriassa Politiikka ja uutiset

Tarinat ja äänet, joita rakastat kuunnella

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi

Lue lisää