7MS #591: Tales of Pentest Pwnage - Part 52
Today we talk about an awesome path to internal network pentest pwnage using downgraded authentication from a domain controller, a tool called ntlmv1-multi, and a boatload of cloud-cracking power on t...
29 Sep 202333min
7MS #590: Hacking Billy Madison - Part 2
Today my Paul and I continued hacking Billy Madison (see part one here) and learned some interesting things: You can fuzz a URL with a specific file type using a format like this: wfuzz -c -z file,...
22 Sep 202313min
7MS #589: Tales of Pentest Pwnage - Part 51
In today's tale of pentest pwnage we talk about: The importance of local admin and how access to even one server might mean instant, full control over their backup or virtualization infrastructure ...
15 Sep 202314min
7MS #588: Becoming a Sysmon Sensei with Amanda Berlin
Today Amanda Berlin from Blumira teaches us how to unlock the power of Sysmon so we can gain insight into the good, bad and ugly things happening on our corporate endpoints! Key takeaways: Sysmon tu...
8 Sep 202324min
7MS #587: Hacking Billy Madison
Today my pal Paul from Project7 and I hack the heck out of Billy Madison a vulnerable virtual machine that is celebrating its 7th anniversary this month!
1 Sep 202336min
7MS #586: DIY Pentest Dropbox Tips – Part 8
Today, sadly, might be the last episode of DIY pentest dropbox tips for a while because I found (well, ChatGPT did actually) the missing link to 100% automate a Kali Linux install! Check episode #449 ...
25 Aug 202318min
7MS #585: DIY Pentest Dropbox Tips – Part 7
Hey friends, today I'm super excited to share I found the missing link! Specifically, the missing piece that now allows me to create fully automated Windows 10 installs that serve as virtual pentest j...
18 Aug 202324min
7MS #584: Tales of Pentest Pwnage - Part 50
In today's tale of pwnage, we'll talk about how domain trusts can be dangerous because they have...well...trust issues.
11 Aug 202317min
