7 Minute Security15 Mars 2018

7MS #301: CredDefense

Intro

CredDefense is a freakin' sweet tool from the fine folks at Black Hills Information Security that does some really nifty things:

Password filter

Lets say you use the out-of-the-box password policy that comes with Active Directory, and you want to change your password to Winter2017! - AD is gonna say "Yeah dude/dudette, go for it...it fits the bill!" But from an attacker's perspective we know this is bad - people love to pick bad seasonal passwords like Winter2017, Summer2019, etc.

With CredDefense's password filter in the mix, any new password gets checked against an additional word list, and if there's a match found within, BAM!! - password rejected.

Password audit

Ok, so now are you curious who in your AD environment is already using crappy passwords like Winter2017? Load up the password audit feature, feed it a big wordlist like rockyou, and you'll be good to go in no time.

ResponderGuard

This is a nifty PowerShell tool that can jack with pentesters/attackers in your environment who are running the popular cred-stealing Responder tool. And what I especially appreciate from a blue team perspective is that if ResponderGuard catches Responder in use in the environment, it can stamp a log in the event log, which can then in turn generate an email if you're using something like WEFFLES (which we talked about recently) and the nifty WEFFLES email script my pal hackern0v1c3 put together here.

Upptäck Premium

Prova 14 dagar kostnadsfritt

Skaffa Premium

Avsnitt(713)

7MS #689: Pwning Ninja Hacker Academy – Part 2

Hello friends! Today your friend and mine, Joe "The Machine" Skeen joins me as we keep chipping away at pwning Ninja Hacker Academy! Today's pwnage includes: "Upgrading" our Sliver C2 connection to...

22 Aug 202515min

7MS #688: Building a Pentest Training Course Is Fun and Frustrating

Today I talk about a subject I love while also driving me crazy at the same time: building a pentest training course! Specifically, I dissect a fun/frustrating GPO attack that I need to build very car...

16 Aug 202522min

7MS #687: A Peek into the 7MS Mail Bag – Part 5

Hi friends, we're doing something today we haven't done in a hot minute: take a dip into the 7MinSec mail bag! Today we cover these questions: If I'm starting a solo business venture as a security co...

11 Aug 202557min

7MS #686: Our New Pentest Training Course is Almost Ready

Oh man, I'm so excited I can hardly sleep. Our new three-day (4 hours per day) training is getting closer to general release. I talk about the good/bad/ugly of putting together an attack-sensitive lab...

1 Aug 202523min

7MS #685: The Time My Neighbor Almost Got Scammed Out of $13K

Today's kind of a "story time with your friend Brian" episode: a tale of how my neighbor almost got scammed out of $13k. The story has a lot of red flags we can all keep in mind to keep ourselves (as...

25 Juli 202522min

7MS #684: Pwning Ninja Hacker Academy

Hey friends, today we start pwning Ninja Hacker Academy – cool CTF-style lab that has you start with no cred and try to conquer domain admin on two domains!

18 Juli 202522min

7MS #683: What I'm Working on This Week - Part 4

This week I'm working on a mixed bag of fun security and marketing things: A pentest I'm stuck on My latest lab CTF obsession: Ninja Hacker Academy A cool "about 7MinSec" marketing video that was rec...

12 Juli 202530min

7MS #682: Securing Your Family During and After a Disaster – Part 7

Today's episode is a downer! We talk about things you might want to have buttoned up for when you are eventually not alive anymore: Living will Buried vs. cremated? Funeral plans Funeral PHOTOS? I a...

4 Juli 202530min

Allt en och samma app

Lyssna på dina favoritpoddar och ljudböcker på ett och samma ställe.

Noga utvalt innehåll

Njut av handplockade tips som passar din smak – utan ändlöst scrollande.

Fortsätt när du vill

Fortsätt lyssna där du slutade – även offline.

Premium

99 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill

Prova 14 dagar gratis

Premium

129 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill
Ett extra konto

Prova 14 dagar gratis

Populärt inom Politik & nyheter

Berättelserna och rösterna du älskar att lyssna på

Obegränsad lyssning på alla dina favoritpoddar och ljudböcker

Upptäck Premium