7MS #353: Tales of Internal Pentest Pwnage - Part 1
7 Minute Security22 Maalis 2019

7MS #353: Tales of Internal Pentest Pwnage - Part 1

Buckle up! This is one of my favorite episodes.

Today I'm kicking off a two-part series that walks you through a narrative of a recent internal pentest I worked on. I was able to get to Domain Admin status and see the "crown jewels" data, so I thought this would be a fun and informative narrative to share. Below are some highlights of topics/tools/techniques discussed:

Building a pentest dropbox

The timing is perfect - my pal Paul (from Project7) and Dan (from PlexTrac) have a two-part Webinar series on building your own $500 DIY Pentest Lab, but the skills learned in the Webinars translate perfectly into making a pentest dropbox. Head to our webinars page for more info.

Securing a pentest dropbox

What I did with my Intel NUC pentest dropbox is build a few VMs as follows:

  • Win 10 pro management box with Bitlocker drive encryption and Splashtop (not a sponsor) which I like because it offers 2FA and an additional per-machine password/PIN. I think I spent $100/year for it.

  • Kali attack box with an encrypted drive (Kali makes this easy by offering you this option when you first install the OS).

Scoping/approaching a pentest

From what I can gather, there are (at least) two popular schools of thought as it relates to approaching a pentest:

  • From the perimeter - where you do a lot of OSINT, phish key users, gain initial access, and then find a path to privilege from there.

  • Assume compromise - assume that eventually someone will click a phishing link and give bad guys a foothold on the network, so you have the pentester bring in a Kali box, plug it into the network, and the test begins from that point.

Pentest narrative

For one of the tests I worked on, here were some successes and challenges I had along the way:

Check out the show notes at 7MS.us as there's lots more good info there!

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(729)

7MS #729: Pwning Dracarys

7MS #729: Pwning Dracarys

Hey friends! Still your grieving pal over here, but also your happy hacking host — because today we're diving into baby's first Dracarys! (Yes, I'm probably pronouncing that wrong. Yes, I'm going to k...

4 Heinä 18min

7MS #728: Securing Your Family During and After a Disaster – Part 8

7MS #728: Securing Your Family During and After a Disaster – Part 8

Hey friends! This is a tough one to write. My dad passed away on Friday, and instead of the hacker-y tech episode I had planned, I pivoted to something more personal — another installment of our "Secu...

30 Kesä 38min

7MS #727: Securing Your Mental Health – Part 7

7MS #727: Securing Your Mental Health – Part 7

Hello friends! It's been over a year since we did a dedicated mental health episode, so today I'm doing a big catch-up and running through my 7-point plan for being a more mentally secure me. None of ...

19 Kesä 21min

7MS #726: Baby's First Hermes

7MS #726: Baby's First Hermes

Hello friends! I've been on a bit of an AI agent journey lately, and today I'm sharing my experience ditching OpenClaw and going all-in on Hermes — a self-hosted AI agent built by Nous Research. A Net...

12 Kesä 22min

7MS #725: Building a Bulletproof Backup Solution

7MS #725: Building a Bulletproof Backup Solution

Hey friends! Backups are not as cool as pentesting, but boy do they matter when things go sideways. This week I'm sharing how a Proxmox backup disk space meltdown led me to a completely overhauled — a...

5 Kesä 21min

7MS #724: Tales of Pentest Pwnage - Part 85

7MS #724: Tales of Pentest Pwnage - Part 85

Hey friends! Today we're going deep on external network pentesting — something I realize we've barely touched in however many episodes we've done. I'm currently in a long stretch of back-to-back exter...

29 Touko 30min

7MS #723: CARTP - Cloud Red Team Tactics for Attacking and Defending Azure - Part 1

7MS #723: CARTP - Cloud Red Team Tactics for Attacking and Defending Azure - Part 1

Hello friends! Today's a hybrid episode — some security content up top about a new certification I've kicked off, followed by an aggressively quick trip to Tangent Town. Feel free to bail after the se...

23 Touko 32min

7MS #722: I Turned My Phone Into a Brick

7MS #722: I Turned My Phone Into a Brick

Hey friends! Quasi-vacation week over here, so today's episode is lighter and more personal: just a story about how I turned my phone into a "brick" (kind of) and what that's done for my mental health...

15 Touko 23min

Suosittua kategoriassa Politiikka ja uutiset

aikalisa
uutiscast
ootsa-kuullut-tasta-2
rss-ootsa-kuullut-tasta
rss-podme-livebox
rss-vaalirankkurit-podcast
tervo-halme
otetaan-yhdet
politiikan-puskaradio
aihe
rss-kaikki-uusiksi
rss-asiastudio
the-ulkopolitist
et-sa-noin-voi-sanoo-esittaa
rss-mina-ukkola
rss-aijat-hopottaa-podcast
rss-kovin-paikka
rss-raha-talous-ja-politiikka
rss-girls-finish-f1rst
rss-ulkopoditiikkaa