7MS #339: A Pulse-Pounding Impromptu Physical Pentest
7 Minute Security6 Des 2018

7MS #339: A Pulse-Pounding Impromptu Physical Pentest

On a recent security assessment I was thrown for a loop and given the opportunity to do a two-part physical pentest/SE exercise - with about 5 minutes notice(!). Yes, it had me pooping my pants, but in retrospect it was an amazing experience. This is the mission I was given:

  • See if you can get the front desk staff to plug in a USB drive - I posed as John Strand and armed myself with a fake resume. And as I approached the front desk I suddenly panicked and thought, "What if the front desk person is a BHIS fan?!?!?"

  • Break into a door with weak security and steal equipment - I was given a plastic shiv and asked to try and get into a secure area in the middle of a busy office morning. No pressure, right?

Was I successful? Was I arrested? Find out in today's episode!

Episoder(710)

7MS #710: I'm Taking a Break

7MS #710: I'm Taking a Break

Hi friends, I'm going to be taking a break from producing podcast episodes, as well as content over at 7MinSec.club.  It's a temporary break, so please don't unsubscribe, unfollow, etc.  I need some e...

17 Jan 4min

7MS #709: Second Impressions of Twingate

7MS #709: Second Impressions of Twingate

Hey friends, in episode #649 I gave you my first impressions of Twingate.  It's been a minute, so I thought I'd revisit Twingate (specifically this awesome Twingate LXC) and talk about how we're using...

10 Jan 20min

7MS #708: Tales of Pentest Fail – Part 6

7MS #708: Tales of Pentest Fail – Part 6

After sharing a recent story about how a phishing campaign went south, I heard feedback from a lot of you.  You either commiserated with my story, told me I wussed out, and/or had a difficult story of...

2 Jan 25min

7MS #707: Our New Pentest Course Has Launched!

7MS #707: Our New Pentest Course Has Launched!

Today we're thrilled to announce the launch of LPLITE:GOAD (Light Pentest Live Interactive Training Experience: Game of Active Directory). The first class is coming up Tuesday, January 27 – Thursday, ...

26 Des 202514min

7MS #706: Tales of Pentest Pwnage – Part 80

7MS #706: Tales of Pentest Pwnage – Part 80

I'm so excited to share today's tale of pentest pwnage, because it brings back to life a coercion technique I thought wouldn't work against Windows 11! Spoiler alert: check out rpc2efs, as well as the...

19 Des 202529min

7MS #705: A Phishing Campaign Fail Tale

7MS #705: A Phishing Campaign Fail Tale

This might be obvious, but security is not all domain admin dancing and maximum pwnage. Sometimes, despite my best efforts, a security project does a faceplant. Today's episode focuses on a phishing c...

12 Des 202521min

7MS #704: DIY Pentest Dropbox Tips – Part 12

7MS #704: DIY Pentest Dropbox Tips – Part 12

Hola friends!  My week has very much been about trying to turnaround pentest dropboxes as quickly as possible.  In that adventure, I came across two time-saving discoveries: Using a Proxmox LXC as a ...

5 Des 202524min

7MS #703: Tales of Pentest Pwnage – Part 79

7MS #703: Tales of Pentest Pwnage – Part 79

Happy Thanksgiving week friends! Today we're celebrating a turkey and pie overload by sharing another fun tale of pentest pwnage! It involves using pygpoabuse to hijack a GPO and turn it into our pent...

28 Nov 202522min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
i-retten
forklart
popradet
stopp-verden
det-store-bildet
dine-penger-pengeradet
rss-gukild-johaug
fotballpodden-2
nokon-ma-ga
bt-dokumentar-2
hanna-de-heldige
aftenbla-bla
chit-chat-med-helle
frokostshowet-pa-p5
rss-dannet-uten-piano
rss-ness
e24-podden