7MS #278: Interview with Rob Sell
7 Minute Security21 Sep 2017

7MS #278: Interview with Rob Sell

Intro

We're breaking ground with this episode, folks! For the first time in 7MS history, we've got a guest on the show (finally, right?!).

Rob Sell is an IT manager who has been working in IT for many years, with a focus on information security specifically for the last 4 years. He recently came home from Defcon 25 with a third place in the SE CTF.

Rob sat down with me to discuss the CTF, how to make an outstanding CTF audition video, OSINT tools/tips/techniques, the value of tech/security certifications, career advice, and more!

Interview notes and links

  • Here's Rob's Defcon CTF audition video

  • EchoSec helps you see a geographical area at a certain point in time. According to the Web site, EchoSec is "the most comprehensive social sentiment tool on the market" - hmmmm, seems like a great SE tool!

  • X-Ray is "a tool for recon, mapping and OSINT gathering from public networks."

  • Michael Bazzell's Web site has online training, free tools and other goodies. Michael also has some books.

  • Christopher Hadnagy has a podcast that's strictly focused on SE. He's also got some books.

  • ArcGIS isn't necessarily labeled as an SE tool, but can certainly be used for SE efforts.

Episoder(714)

7MS #698: Baby's First ProjectDiscovery

7MS #698: Baby's First ProjectDiscovery

Today I give a quick review of the cloud version of ProjectDiscovery (not a sponsor!).

24 Okt 202524min

7MS #697: Pwning Ninja Hacker Academy – Part 4

7MS #697: Pwning Ninja Hacker Academy – Part 4

Today your pal and mine Joe "The Machine" Skeen pwn one of the two Ninja Hacker Academy domains! This pwnage included: Swiping service tickets in the name of high-priv users Dumping secrets from wmo...

18 Okt 202513min

7MS #696: Baby's First Security Ticketing System

7MS #696: Baby's First Security Ticketing System

In today's episode: I got a new podcast doodad I really like JitBit as a security ticketing system (not a sponsor) The Threat Hunting with Velociraptor 2-day training was great. Highly recommend. I...

10 Okt 202527min

7MS #695: Tales of Pentest Pwnage - Part 78

7MS #695: Tales of Pentest Pwnage - Part 78

Today's tale of pentest pwnage involves: Using mssqlkaren to dump sensitive goodies out of SCCM Using a specific fork of bloodhound to find machines I could force password resets on (warning: don't d...

3 Okt 202515min

7MS #694: Tales of Pentest Pwnage – Part 77

7MS #694: Tales of Pentest Pwnage – Part 77

Hey friends, today I talk about how fun it was two combine two cool pentest tactics, put them in a blender, and move from local admin to mid-tier system admin access (with full control over hundreds o...

26 Sep 202533min

7MS #693: Pwning Ninja Hacker Academy – Part 3

7MS #693: Pwning Ninja Hacker Academy – Part 3

This week your pal and mine Joe "The Machine" Skeen kept picking away at pwning Ninja Hacker Academy. To review where we've been in parts 1 and 2: We found a SQL injection on a box called SQL, got a...

19 Sep 202528min

7MS #692: Tales of Pentest Pwnage – Part 76

7MS #692: Tales of Pentest Pwnage – Part 76

Happy Friday! Today's another hot pile of pentest pwnage. To make it easy on myself I'm going to share the whole narrative that I wrote up for someone else: I was on a pentest where a DA account would...

12 Sep 202532min

7MS #691: Tales of Pentest Pwnage – Part 75

7MS #691: Tales of Pentest Pwnage – Part 75

Holy schnikes, today might be my favorite tale of pentest pwnage ever. Do I say that almost every episode? yes. Do I mean it? Yes. Here are all the commands/links to supplement today's episode: Got a...

5 Sep 202531min

Populært innen Politikk og nyheter

aftenpodden
giver-og-gjengen-vg
lydartikler-fra-aftenposten
forklart
aftenpodden-usa
i-retten
popradet
stopp-verden
det-store-bildet
dine-penger-pengeradet
fotballpodden-2
rss-gukild-johaug
rss-ness
hanna-de-heldige
nokon-ma-ga
aftenbla-bla
e24-podden
bt-dokumentar-2
rss-dannet-uten-piano
frokostshowet-pa-p5