7MS #611: Pentestatonix

7MS #611: Pentestatonix

34:032024-02-19

Jaksokuvaus

Hey friends, sorry for the late episode but I've been deep in the trenches of pentest adventures.  I'll do a more formal tale of pentest pwnage when I come up for air, but for now I wanted to share some tips I've picked up from recent engagements: GraphRunner - awesome PowerShell toolkit for interacting with Microsoft Graph API.  From a pentesting perspective, it may help you bridge the "gap" between LAN-side AD and Azure and find some goodies - like files with and XSLX extension containing the word password. PowerUpSQL -I typically use this to make SQL servers cough me up a hash via SMB using stored procedures, but I learned this week that I'll deeeefffffinitely use the Invoke-SQLAudit -Verbose functionality going forward.

Tutustu

Lisää

  • Evästekäytäntö
  • Käyttöehdot
  • Tietosuojakäytäntöexternal link
  • Medialleexternal link
logo

© Podme AB 2024