7 Minute Security

Today’s tale of pentest pwnage is all about my new favorite attack called SPN-less RBCD. We did a teaser episode last week that actually ended up being a full episode all about the attack, and even step by step commands to pull it off. But I didn’t want today’s episode to just be “Hey friends, check out the YouTube version of this attack!” so I also cover: firstBurp Enterpriseall these steps

Today’s prelude to a tale of pentest pwnage talks about something called “spnless RBCD” (resource-based constrained delegation). The show notes don't format well here in the podcast notes, so head to 7minsec.com to see the notes in all their glory.

Sadly, the Broadcom acquisition of VMWare has hit 7MinSec hard – we love running ESXi on our NUCs, but ESXi free is no longer available. To add insult to injury, our vCenter lab at OVHcloud HQ got a huge price gouge (due to license cost increase; not OVH’s fault). Now we’re exploring Proxmox as an alternative hypervisor, so we’re using today’s episode to kick off a series about the joys and pains of this migration process.

Today we revisit a series about eating the security dog food – in other words, practicing what we preach as security gurus! Specifically we talk about:

Today we’re talking about tips to deal with stress and anxiety: take breaks

We did something crazy today and recorded an episode that was 7 minutes long! Today we talk about some things that have helped us out in recent pentests: Farmer.searchConnector-msmatrixthisthat

Today’s episode is all about writing reports in Sysreptor. It’s awesome! Main takeaways: reptor Python moduleonly

Hey friends, today we’ve got a tale of pentest pwnage that covers: cached credentialsMisconfiguration ManagerThe First Cred is the Deepest – Part 2sccmhunter

Hey friends, today we have a super fun interview with Andrew Morris of GreyNoise to share. Andrew chatted with us about:

Hey friends, sorry I’m so late with this (er, last) week’s episode but I’m back! Today is more of a prep for tales of pentest pwnage, but topics covered include: snafflin

Netwrix Connectannoying

Today’s tale of pentest covers: Farmingunderstand trusted zonesSnafflingStealing Kerberos tickets

Hello friends, we’re still deep in the podcast trenches this quarter and wanted to share some nuggets of cool stuff we’ve been learning along the way: SnafflerPowerHuntSharesGroup3rFarmer

Hey friends, sorry for the late episode but I've been deep in the trenches of pentest adventures. I'll do a more formal tale of pentest pwnage when I come up for air, but for now I wanted to share some tips I've picked up from recent engagements: GraphRunnerpasswordPowerUpSQLdeeeefffffinitely Invoke-SQLAudit -Verbose

Hey friends, today we cover a funstrating (that's fun + frustrating) issue we had with our DIY pentest dropboxes. TLDL: bad Kali metapackageisolinux > txt.cfgtxt.cfg

Hey friends, today is a first impressions episode about Sysreptor, which according to their GitHub page, is a fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike. It is easy to stand up with Docker, has built-in MFA and a great hybrid WYSIWYG/code editor. The only scary part? There is no export to Word (insert suspenseful music here!) - your reports just go right to PDF, friends! The killer feature for us, though, is the ability to create reports from the command line and send files, notes and findings to Sysreptor automagically!

Hey friends, today our pal Hackernovice joins us for a tool (actually two tools!) release party: EvilFortiAuthenticatorFortiAuthenticatorBulletsPassViewFortinet's documentationmaintenance modeMITMsmtpTCMLobbyBBQnothing

Today we talk about some business-y things like: A pre first impressions opinion on Sysreptor Why I'm not worried about AI replacing manual pentesting (yet) My struggle with going "full CEO" vs. staying in the weeds and working on hands-on security projects

Today our pals Bjorn Kimminich from OWASP and Paul from Project7 and TheUnstoppables.ai join us as we kick off a series all about hacking the OWASP Juice Shop, which is "probably the most modern and sophisticated insecure web application!" We got a few wins on the Juice Shop score board today: zero starsOWASP Juice Shop Jingle

Today our friend Amanda Berlin, Lead Incident Detection Engineer at Blumira, joins us to talk about being more mentally healthy in 2024! P.S. - did you miss Amanda's past visits to the program? Then check out episode 518, 536 and 588. Be sure to check out the next edition of Amanda's Defensive Security Handbook when it comes out in later January, 2024!