7MS #306: A Peek into the 7MS Mail Bag - Part 2
7 Minute Security19 Apr 2018

7MS #306: A Peek into the 7MS Mail Bag - Part 2

We've dug into some pretty technical topics the last few weeks so we're gonna take it easy today. Below are some FAQs and updates I'll cover on today's show:

FAQs

  • What security certs should a sales person get?

  • What lav mic should I get for podcasting?

  • How do I know if I'm ready to take the OSCP?

  • When are you gonna do some more YouTube videos?

  • When will the PacktPub project be done?

Updates

Don't forget to check out these new and/or updated pages on BPATTY:

Speaking engagements

  • I learned that the Cryptolocker song was played as muzak for a security conference. That makes me LOL ;-)

  • Those of you in Minneapolis/St. Paul are invited to join me for Blue Team on a Budget lunch and learn at Manny's - it's on May 3 and hosted by OneIdentity.

  • I'll be at Secure360 on May 16 to give my Blue Team on a Budget talk at 9:30 a.m., and I'll also be hosting our pal Bjorn for his Twin Cities vs. OWASP Juice Shop workshop on May 17. Gonna be awesome - hope you can come to either event (or both!).

Episoder(714)

7MS #674: Tales of Pentest Pwnage – Part 71

7MS #674: Tales of Pentest Pwnage – Part 71

Today's tale of pentest pwnage is another great one! We talk about: The SPNless RBCD attack (covered in more detail in this episode) Importance of looking at all "branches" of outbound permissions t...

9 Mai 202549min

7MS #673: ProxmoxRox

7MS #673: ProxmoxRox

Today we're excited to release ProxmoxRox – a repo of info and scripts to help you quickly spin up Ubuntu and Windows VMs. Also, some important news items: 7MinSec.club in-person meeting is happenin...

3 Mai 202530min

7MS #672: Tales of Pentest Pwnage – Part 70

7MS #672: Tales of Pentest Pwnage – Part 70

Today's a fun tale of pentest pwnage where we leveraged a WinRM service ticket in combination with the shadow credentials attack, then connected to an important system using evil-winrm and make our ge...

25 Apr 202555min

7MS #671: Pentesting GOAD

7MS #671: Pentesting GOAD

Hello! This week Joe "The Machine" Skeen and I kicked off a series all about pentesting GOAD (Game of Active Directory). In part one we covered: Checking for null session enumeration on domain contr...

18 Apr 202525min

7MS #670: Adventures in Self-Hosting Security Services

7MS #670: Adventures in Self-Hosting Security Services

Hi friends, today I'm kicking off a series talking about the good/bad/ugly of hosting security services. Today I talk specifically about transfer.zip. By self-hosting your own instance of transfer.zip...

11 Apr 202536min

7MS #669: What I'm Working on This Week – Part 3

7MS #669: What I'm Working on This Week – Part 3

Hi friends, in this edition of what I'm working on this week: 3 pulse-pounding pentests that had…problems Something I'm calling the unshadow/reshadow credentials attack Heads-up on a new video experi...

4 Apr 202542min

7MS #668: Tales of Pentest Pwnage – Part 69

7MS #668: Tales of Pentest Pwnage – Part 69

Hola friends! Today's tale of pentest pwnage talks about abusing Exchange and the Azure ADSync account! Links to the discussed things: adconnectdump – for all your ADSync account dumping needs! Adam ...

28 Mar 202530min

7MS #667: Pentesting GOAD SCCM - Part 2!

7MS #667: Pentesting GOAD SCCM - Part 2!

Hey friends, our good buddy Joe "The Machine" Skeen and I are back this week with part 2 (check out part 1!) tackling GOAD SCCM again! Spoiler alert: this time we get DA! YAY! Definitely check out t...

21 Mar 202528min

Populært innen Politikk og nyheter

aftenpodden
giver-og-gjengen-vg
lydartikler-fra-aftenposten
forklart
i-retten
aftenpodden-usa
stopp-verden
popradet
det-store-bildet
rss-gukild-johaug
fotballpodden-2
dine-penger-pengeradet
rss-ness
nokon-ma-ga
hanna-de-heldige
e24-podden
aftenbla-bla
grasoner-den-nye-kalde-krigen
frokostshowet-pa-p5
bt-dokumentar-2