7MS #682: Securing Your Family During and After a Disaster – Part 7
Today’s episode is a downer! We talk about things you might want to have buttoned up for when you are eventually not alive anymore: Living will Buried vs. cremated? Funeral plans Funeral PHOTOS? I also talk about how my dad broke his ribs while trying to break a chimpmunk, and how a freak 4-wheeler accident also had my ribs in agony.
4 Jul 30min
7MS #681: Pentesting GOAD – Part 3
Today Joe “The Machine” Skeen and I pwn the third and final realm in the world of GOAD (Game of Active Directory): essos.local! The way we go about it is to do a WinRM connection to our previously-pwned Kingslanding domain, coerce authentication out of MEEREEN (the DC for essos.local) and then capture/abuse the TGT with Rubeus! Enjoy.
27 Jun 18min
7MS #680: Tips for a Better Purple Team Experience
Today I share some tips on creating a better purple team experience for your customers, including: Setting up communication channels and cadence Giving a heads-up on highs/criticals during testing (not waiting until report time) Where appropriate, record videos of attacks to give them more context
20 Jun 26min
7MS #679: Tales of Pentest Pwnage – Part 73
In today’s tale of pentest pwnage I talk about a cool ADCS ESC3 attack – which I also did live on this week’s Tuesday TOOLSday. I also talk about Exegol’s licensing plans (and how it might break your pentest deployments if you use ProxmoxRox).
13 Jun 30min
7MS #678: How to Succeed in Business Without Really Crying – Part 22
Today I share some tips on presenting a wide variety of content to a wide variety of audiences, including: Knowing your audience before you touch PowerPoint Understanding your presentation physical hookups and presentation surfaces A different way to screen-share via Teams that makes resolution/smoothness way better!
6 Jun 33min
7MS #677: That One Time I Was a Victim of a Supply Chain Attack
Hi everybody. Today I take it easy (because my brain is friend from the short week) to tell you about the time I think my HP laptop was compromised at the factory!
30 Mai 13min
7MS #676: Tales of Pentest Pwnage – Part 72
Today’s fun tale of pentest pwnage discuss an attack path that would, in my opinion, probably be impossible to detect…until it’s too late.
27 Mai 59min
7MS #675: Pentesting GOAD – Part 2
Hey friends! Today Joe “The Machine” Skeen and I tackled GOAD (Game of Active Directory) again – this time covering: SQL link abuse between two domains Forging inter-realm TGTs to conquer the coveted sevenkingdoms.local! Join us next month when we aim to overtake essos.local, which will make us rulers over all realms!
16 Mai 31min
