7MS #700: Pretender
7 Minute Security7 Marras 2025

7MS #700: Pretender

Today is episode 700 of the 7MinSec podcast! Oh my gosh. My mom didn't think we could do it, but we did. Instead of a big blowout with huge news, giveaways and special guests, today is a pretty standard issue episode with a (nearly) 7-minute run time!

The topic of today's episode is Pretender (which you can download here and read a lot more about here). The tool authors explain the motivation behind the tool: "We designed pretender with the single purpose to obtain machine-in-the-middle positions combining the techniques of mitm6 and only the name resolution spoofing portion of Responder."

On a recent pentest, I used Pretender's "dry run" mode to find a hostname (that didn't exist) that a ton of machines were querying for, and poisoned requests just for that host. This type of targeted poisoning snagged me some helpful hashes that I was able to crack/relay, all while minimizing the risk of broader network disruption!

Jaksot(719)

7MS #7: External Vulnerabilities that Byte (audio)

7MS #7: External Vulnerabilities that Byte (audio)

Episode lucky #7!!! In this episode I talk about external network vulnerabilities that we see in many of our assessments – some of which are pretty easy to clear up. Download: Episode 7: External Vuln...

15 Maalis 20147min

7MS #6: Fun Firewall Rules – part 2 (audio)

7MS #6: Fun Firewall Rules – part 2 (audio)

In this episode I continue talking about some basic firewall rules that many organizations don't have in place. Download: Episode 6: Fun Firewall Rules – part 2 (audio) Show notes: Limit outbound DNS ...

8 Maalis 20147min

7MS #5: Fun Firewall Rules – part 1 (audio)

7MS #5: Fun Firewall Rules – part 1 (audio)

In this episode I talk about some basic firewall rules that many organizations don't have in place. Download: Episode 5: Fun Firewall Rules – part 1 (audio) Show notes: Block outbound port TCP 25 for ...

1 Maalis 20147min

7MS #4: Patch Strategies: Part Deux (audio)

7MS #4: Patch Strategies: Part Deux (audio)

In this episode I continue talking about some dos and donts of patch strategies – this time talking about enterprise level gear. Download: Episode 4: Patch Strategies: Part Deux (audio) Show notes: Th...

22 Helmi 20146min

7MS #3: Patch Strategies: Part 1 (audio)

7MS #3: Patch Strategies: Part 1 (audio)

In this episode I talk about some trends (and problems) we're seeing on the patching front – specifically OS and third-party apps. Download: Episode 3: Patch Strategies: Part 1 (audio) Show notes: Mos...

13 Helmi 20147min

7MS #2: The Importance of Logging and Alerting! (audio)

7MS #2: The Importance of Logging and Alerting! (audio)

In this episode I talk about how a client of ours learned a hard lesson: that the lack of logging/alerting makes for a pretty miserable investigation after they were breached. Download: Episode 2: The...

1 Helmi 20147min

7MS #1: Epic Introduction! (audio)

7MS #1: Epic Introduction! (audio)

In this episode, I talk about the inspiration behind the 7MS podcast and my vision for it going forward. (Admittedly, my ulterior motive is to use this intro episode to figure out how in the heck to g...

1 Helmi 20147min

Suosittua kategoriassa Politiikka ja uutiset

uutiscast
aikalisa
politiikan-puskaradio
ootsa-kuullut-tasta-2
rss-ootsa-kuullut-tasta
viisupodi
tervo-halme
rss-vaalirankkurit-podcast
rss-podme-livebox
rss-girls-finish-f1rst
rss-pinnalla
otetaan-yhdet
aihe
et-sa-noin-voi-sanoo-esittaa
rss-asiastudio
the-ulkopolitist
rss-vain-talouselamaa
rss-ulkopoditiikkaa
radio-antro
rss-50100-podcast