7MS #681: Pentesting GOAD – Part 3
Today Joe "The Machine" Skeen and I pwn the third and final realm in the world of GOAD (Game of Active Directory): essos.local! The way we go about it is to do a WinRM connection to our previously-pw...
27 Jun 202518min
7MS #680: Tips for a Better Purple Team Experience
Today I share some tips on creating a better purple team experience for your customers, including: Setting up communication channels and cadence Giving a heads-up on highs/criticals during testing (n...
20 Jun 202526min
7MS #679: Tales of Pentest Pwnage – Part 73
In today's tale of pentest pwnage I talk about a cool ADCS ESC3 attack – which I also did live on this week's Tuesday TOOLSday. I also talk about Exegol's licensing plans (and how it might break your...
13 Jun 202530min
7MS #678: How to Succeed in Business Without Really Crying – Part 22
Today I share some tips on presenting a wide variety of content to a wide variety of audiences, including: Knowing your audience before you touch PowerPoint Understanding your presentation physical h...
6 Jun 202533min
7MS #677: That One Time I Was a Victim of a Supply Chain Attack
Hi everybody. Today I take it easy (because my brain is friend from the short week) to tell you about the time I think my HP laptop was compromised at the factory!
30 Mai 202513min
7MS #676: Tales of Pentest Pwnage – Part 72
Today's fun tale of pentest pwnage discuss an attack path that would, in my opinion, probably be impossible to detect…until it's too late.
27 Mai 202559min
7MS #675: Pentesting GOAD – Part 2
Hey friends! Today Joe "The Machine" Skeen and I tackled GOAD (Game of Active Directory) again – this time covering: SQL link abuse between two domains Forging inter-realm TGTs to conquer the coveted...
16 Mai 202531min
7MS #674: Tales of Pentest Pwnage – Part 71
Today's tale of pentest pwnage is another great one! We talk about: The SPNless RBCD attack (covered in more detail in this episode) Importance of looking at all "branches" of outbound permissions t...
9 Mai 202549min
