7MS #304: Integrating Pwned Passwords with Active Directory

Today we're talking about eating the security dog food – specifically: Satisfying critical security control #1 Using the Atlassian family of tools to create a ticketing/change control system and wrap...

3 Elo 202445min

Hi, today's tale of pentest pwnage covers a few wins and one loss: A cool opportunity to drop Farmer "crops" to a domain admin's desktop folder via PowerShell remote session Finding super sensitive d...

26 Heinä 202432min

Hey friends, we're doing a little departure from our normal topics and focusing on how to create a security knowledgebase (is that one word or two?) using Docusaurus! It's cool, it's free, it's from ...

19 Heinä 202414min

Today's tale of pentest pwnage includes some fun stuff, including: SharpGPOAbuse helps abuse vulnerable GPOs! Try submitting a harmless POC first via a scheduled task – like ping -n 1 your.kali.ip...

12 Heinä 202448min

Hi friends, today's a tale full of test tips and tools to help you in your adventures in pentesting! SCCM Exploitation SCCM Exploitation: The First Cred Is the Deepest II w/ Gabriel Prud'homme – fant...

7 Heinä 202415min

Today I recap a two week persona/biz road trip and talk about the security stuff that got sprinkled into it, including: Family members who don't care about their personal security Weakpass – a cool c...

1 Heinä 202445min

Today we have a fun featured interview with my new friend Stu Musil of Ambient Consulting I had a great time talking with Stu about bashing come common misconceptions people have about working with re...

24 Kesä 202446min

Hey friends, today we talk about some not-so-glamorous but ever-so-important stuff related to running a cybersecurity consultancy, including: Taking an inventory of all the SaaS stuff your business u...

14 Kesä 20249min