7MS #697: Pwning Ninja Hacker Academy – Part 4
7 Minute Security18 Okt 2025

7MS #697: Pwning Ninja Hacker Academy – Part 4

Today your pal and mine Joe "The Machine" Skeen pwn one of the two Ninja Hacker Academy domains! This pwnage included:

  • Swiping service tickets in the name of high-priv users
  • Dumping secrets from wmorkstations
  • Disabling AV
  • Extracting hashes of gMSA accounts

We didn't get the second domain pwned, and so I was originally thinking about doing a part 5 in November, but changed my mind. Going forward, I'm thinking about doing longer, all-in-one hacking livestreams where we cover things like NHA from start to finish. My first thought would be to do one long livestream where we complete NHA start to finish. Would you be interested? Let me know at 7MinSec.club, as I'm thinking this could be an interesting piece of bonus content.

Episoder(715)

7MS #683: What I'm Working on This Week - Part 4

7MS #683: What I'm Working on This Week - Part 4

This week I'm working on a mixed bag of fun security and marketing things: A pentest I'm stuck on My latest lab CTF obsession: Ninja Hacker Academy A cool "about 7MinSec" marketing video that was rec...

12 Jul 202530min

7MS #682: Securing Your Family During and After a Disaster – Part 7

7MS #682: Securing Your Family During and After a Disaster – Part 7

Today's episode is a downer! We talk about things you might want to have buttoned up for when you are eventually not alive anymore: Living will Buried vs. cremated? Funeral plans Funeral PHOTOS? I a...

4 Jul 202530min

7MS #681: Pentesting GOAD – Part 3

7MS #681: Pentesting GOAD – Part 3

Today Joe "The Machine" Skeen and I pwn the third and final realm in the world of GOAD (Game of Active Directory): essos.local! The way we go about it is to do a WinRM connection to our previously-pw...

27 Jun 202518min

7MS #680: Tips for a Better Purple Team Experience

7MS #680: Tips for a Better Purple Team Experience

Today I share some tips on creating a better purple team experience for your customers, including: Setting up communication channels and cadence Giving a heads-up on highs/criticals during testing (n...

20 Jun 202526min

7MS #679: Tales of Pentest Pwnage – Part 73

7MS #679: Tales of Pentest Pwnage – Part 73

In today's tale of pentest pwnage I talk about a cool ADCS ESC3 attack – which I also did live on this week's Tuesday TOOLSday. I also talk about Exegol's licensing plans (and how it might break your...

13 Jun 202530min

7MS #678: How to Succeed in Business Without Really Crying – Part 22

7MS #678: How to Succeed in Business Without Really Crying – Part 22

Today I share some tips on presenting a wide variety of content to a wide variety of audiences, including: Knowing your audience before you touch PowerPoint Understanding your presentation physical h...

6 Jun 202533min

7MS #677: That One Time I Was a Victim of a Supply Chain Attack

7MS #677: That One Time I Was a Victim of a Supply Chain Attack

Hi everybody. Today I take it easy (because my brain is friend from the short week) to tell you about the time I think my HP laptop was compromised at the factory!

30 Mai 202513min

7MS #676: Tales of Pentest Pwnage – Part 72

7MS #676: Tales of Pentest Pwnage – Part 72

Today's fun tale of pentest pwnage discuss an attack path that would, in my opinion, probably be impossible to detect…until it's too late.

27 Mai 202559min

Populært innen Politikk og nyheter

aftenpodden
giver-og-gjengen-vg
lydartikler-fra-aftenposten
forklart
aftenpodden-usa
i-retten
stopp-verden
popradet
det-store-bildet
rss-gukild-johaug
nokon-ma-ga
fotballpodden-2
rss-ness
dine-penger-pengeradet
hanna-de-heldige
e24-podden
aftenbla-bla
rss-dannet-uten-piano
frokostshowet-pa-p5
rss-penger-polser-og-politikk