7MS #680: Tips for a Better Purple Team Experience

Hey friends, today we've got a security milkshake episode about Web app pentesting. Specifically we talk about: Burp Suite Enterprise Caido – a lightweight alternative to Burp wfuzz – Web fuzzer. Us...

31 Mai 202450min

Road trip time! I've been traveling this week doing some fun security projects, and thought all this highway time would be a perfect opportunity to take a dip into the 7MS mail bag! Today's questions...

24 Mai 202444min

Today's tale of pentest pwnage is all about my new favorite attack called SPN-less RBCD. We did a teaser episode last week that actually ended up being a full episode all about the attack, and even st...

17 Mai 202429min

Today's prelude to a tale of pentest pwnage talks about something called "spnless RBCD" (resource-based constrained delegation). The show notes don't format well here in the podcast notes, so head to...

10 Mai 202424min

Sadly, the Broadcom acquisition of VMWare has hit 7MinSec hard – we love running ESXi on our NUCs, but ESXi free is no longer available. To add insult to injury, our vCenter lab at OVHcloud HQ got a ...

5 Mai 202416min

Today we revisit a series about eating the security dog food – in other words, practicing what we preach as security gurus! Specifically we talk about: We're going to get a third-party assessment on...

26 Apr 202423min

Today we're talking about tips to deal with stress and anxiety: It sounds basic, but take breaks – and take them in a different place (don't just stay in the office and do more screen/doom-scrolling)...

21 Apr 202422min

We did something crazy today and recorded an episode that was 7 minutes long! Today we talk about some things that have helped us out in recent pentests: When using Farmer to create "trap" files tha...

14 Apr 20247min