7MS #673: ProxmoxRox

Road trip time! I've been traveling this week doing some fun security projects, and thought all this highway time would be a perfect opportunity to take a dip into the 7MS mail bag! Today's questions...

24 Maj 202444min

Today's tale of pentest pwnage is all about my new favorite attack called SPN-less RBCD. We did a teaser episode last week that actually ended up being a full episode all about the attack, and even st...

17 Maj 202429min

Today's prelude to a tale of pentest pwnage talks about something called "spnless RBCD" (resource-based constrained delegation). The show notes don't format well here in the podcast notes, so head to...

10 Maj 202424min

Sadly, the Broadcom acquisition of VMWare has hit 7MinSec hard – we love running ESXi on our NUCs, but ESXi free is no longer available. To add insult to injury, our vCenter lab at OVHcloud HQ got a ...

5 Maj 202416min

Today we revisit a series about eating the security dog food – in other words, practicing what we preach as security gurus! Specifically we talk about: We're going to get a third-party assessment on...

26 Apr 202423min

Today we're talking about tips to deal with stress and anxiety: It sounds basic, but take breaks – and take them in a different place (don't just stay in the office and do more screen/doom-scrolling)...

21 Apr 202422min

We did something crazy today and recorded an episode that was 7 minutes long! Today we talk about some things that have helped us out in recent pentests: When using Farmer to create "trap" files tha...

14 Apr 20247min

Today's episode is all about writing reports in Sysreptor. It's awesome! Main takeaways: The price is free (they have a paid version as well)! You can send findings and artifacts directly to the re...

5 Apr 202438min