7MS #700: Pretender
7 Minute Security7 Nov 2025

7MS #700: Pretender

Today is episode 700 of the 7MinSec podcast! Oh my gosh. My mom didn't think we could do it, but we did. Instead of a big blowout with huge news, giveaways and special guests, today is a pretty standard issue episode with a (nearly) 7-minute run time!

The topic of today's episode is Pretender (which you can download here and read a lot more about here). The tool authors explain the motivation behind the tool: "We designed pretender with the single purpose to obtain machine-in-the-middle positions combining the techniques of mitm6 and only the name resolution spoofing portion of Responder."

On a recent pentest, I used Pretender's "dry run" mode to find a hostname (that didn't exist) that a ton of machines were querying for, and poisoned requests just for that host. This type of targeted poisoning snagged me some helpful hashes that I was able to crack/relay, all while minimizing the risk of broader network disruption!

Avsnitt(715)

7MS #683: What I'm Working on This Week - Part 4

7MS #683: What I'm Working on This Week - Part 4

This week I'm working on a mixed bag of fun security and marketing things: A pentest I'm stuck on My latest lab CTF obsession: Ninja Hacker Academy A cool "about 7MinSec" marketing video that was rec...

12 Juli 202530min

7MS #682: Securing Your Family During and After a Disaster – Part 7

7MS #682: Securing Your Family During and After a Disaster – Part 7

Today's episode is a downer! We talk about things you might want to have buttoned up for when you are eventually not alive anymore: Living will Buried vs. cremated? Funeral plans Funeral PHOTOS? I a...

4 Juli 202530min

7MS #681: Pentesting GOAD – Part 3

7MS #681: Pentesting GOAD – Part 3

Today Joe "The Machine" Skeen and I pwn the third and final realm in the world of GOAD (Game of Active Directory): essos.local! The way we go about it is to do a WinRM connection to our previously-pw...

27 Juni 202518min

7MS #680: Tips for a Better Purple Team Experience

7MS #680: Tips for a Better Purple Team Experience

Today I share some tips on creating a better purple team experience for your customers, including: Setting up communication channels and cadence Giving a heads-up on highs/criticals during testing (n...

20 Juni 202526min

7MS #679: Tales of Pentest Pwnage – Part 73

7MS #679: Tales of Pentest Pwnage – Part 73

In today's tale of pentest pwnage I talk about a cool ADCS ESC3 attack – which I also did live on this week's Tuesday TOOLSday. I also talk about Exegol's licensing plans (and how it might break your...

13 Juni 202530min

7MS #678: How to Succeed in Business Without Really Crying – Part 22

7MS #678: How to Succeed in Business Without Really Crying – Part 22

Today I share some tips on presenting a wide variety of content to a wide variety of audiences, including: Knowing your audience before you touch PowerPoint Understanding your presentation physical h...

6 Juni 202533min

7MS #677: That One Time I Was a Victim of a Supply Chain Attack

7MS #677: That One Time I Was a Victim of a Supply Chain Attack

Hi everybody. Today I take it easy (because my brain is friend from the short week) to tell you about the time I think my HP laptop was compromised at the factory!

30 Maj 202513min

7MS #676: Tales of Pentest Pwnage – Part 72

7MS #676: Tales of Pentest Pwnage – Part 72

Today's fun tale of pentest pwnage discuss an attack path that would, in my opinion, probably be impossible to detect…until it's too late.

27 Maj 202559min

Populärt inom Politik & nyheter

svenska-fall
p3-krim
rss-krimstad
fordomspodden
aftonbladet-krim
spar
flashback-forever
rss-sanning-konsekvens
aftonbladet-daily
motiv
rss-vad-fan-hande
rss-krimreportrarna
rss-klubbland-en-podd-mest-om-frolunda
krimmagasinet
politiken
rss-frandfors-horna
dagens-eko
rss-aftonbladet-krim
blenda-2
rss-flodet