7MS #123: Doing a Redo Assessment

How much fun I had attending and speaking at Netwrix Connect Being a sales guy in conference situations without being an annoying sales guy in conference situations A recap of the talk I co-presented ...

8 Mars 202436min

Today's tale of pentest covers: Farming for credentials (don't forget to understand trusted zones to make this happen properly!) Snaffling for juice file shares Stealing Kerberos tickets with Rubeus

1 Mars 202433min

Hello friends, we're still deep in the podcast trenches this quarter and wanted to share some nuggets of cool stuff we've been learning along the way: Snaffler – pairs nicely with PowerHuntShares to ...

25 Feb 202432min

Hey friends, sorry for the late episode but I've been deep in the trenches of pentest adventures.  I'll do a more formal tale of pentest pwnage when I come up for air, but for now I wanted to share so...

19 Feb 202434min

Hey friends, today we cover a funstrating (that's fun + frustrating) issue we had with our DIY pentest dropboxes. TLDL:   The preseed file got jacked because I had a bad Kali metapackage in it. While...

9 Feb 202420min

Hey friends, today is a first impressions episode about Sysreptor, which according to their GitHub page, is a fully customisable, offensive security reporting solution designed for pentesters, red tea...

2 Feb 202430min

Hey friends, today our pal Hackernovice joins us for a tool (actually two tools!) release party: EvilFortiAuthenticator - it's like a regular FortiAuthenticator, but evil.  This tool allows you to ...

26 Jan 202443min

Today we talk about some business-y things like: A pre first impressions opinion on Sysreptor Why I'm not worried about AI replacing manual pentesting (yet) My struggle with going "full CEO" vs....

19 Jan 202439min