7MS #700: Pretender

Hey friends! Today Joe "The Machine" Skeen and I tackled GOAD (Game of Active Directory) again – this time covering: SQL link abuse between two domains Forging inter-realm TGTs to conquer the coveted...

16 Mai 202531min

Today's tale of pentest pwnage is another great one! We talk about: The SPNless RBCD attack (covered in more detail in this episode) Importance of looking at all "branches" of outbound permissions t...

9 Mai 202549min

Today we're excited to release ProxmoxRox – a repo of info and scripts to help you quickly spin up Ubuntu and Windows VMs. Also, some important news items: 7MinSec.club in-person meeting is happenin...

3 Mai 202530min

Today's a fun tale of pentest pwnage where we leveraged a WinRM service ticket in combination with the shadow credentials attack, then connected to an important system using evil-winrm and make our ge...

25 Apr 202555min

Hello! This week Joe "The Machine" Skeen and I kicked off a series all about pentesting GOAD (Game of Active Directory). In part one we covered: Checking for null session enumeration on domain contr...

18 Apr 202525min

Hi friends, today I'm kicking off a series talking about the good/bad/ugly of hosting security services. Today I talk specifically about transfer.zip. By self-hosting your own instance of transfer.zip...

11 Apr 202536min

Hi friends, in this edition of what I'm working on this week: 3 pulse-pounding pentests that had…problems Something I'm calling the unshadow/reshadow credentials attack Heads-up on a new video experi...

4 Apr 202542min

Hola friends! Today's tale of pentest pwnage talks about abusing Exchange and the Azure ADSync account! Links to the discussed things: adconnectdump – for all your ADSync account dumping needs! Adam ...

28 Mar 202530min