7 Minute Security
Technology Podcasts
7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.
Location:
United States
Genres:
Technology Podcasts
Description:
7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.
Language:
English
Website:
https://7ms.us/
Episodes
7MS #623: Prelude to a Tale of Pentest Pwnage
5/10/2024
Today’s prelude to a tale of pentest pwnage talks about something called “spnless RBCD” (resource-based constrained delegation). The show notes don't format well here in the podcast notes, so head to 7minsec.com to see the notes in all their glory.
Duration:00:24:52
7MS #622: Migrating from vCenter to Proxmox - Part 1
5/5/2024
Sadly, the Broadcom acquisition of VMWare has hit 7MinSec hard – we love running ESXi on our NUCs, but ESXi free is no longer available. To add insult to injury, our vCenter lab at OVHcloud HQ got a huge price gouge (due to license cost increase; not OVH’s fault). Now we’re exploring Proxmox as an alternative hypervisor, so we’re using today’s episode to kick off a series about the joys and pains of this migration process.
Duration:00:16:31
7MS #621: Eating the Security Dog Food - Part 6
4/26/2024
Today we revisit a series about eating the security dog food – in other words, practicing what we preach as security gurus! Specifically we talk about:
Duration:00:23:37
7MS #620: Securing Your Mental Health - Part 5
4/21/2024
Today we’re talking about tips to deal with stress and anxiety:
take breaks
Duration:00:22:54
7MS #619: Tales of Pentest Pwnage – Part 56
4/14/2024
We did something crazy today and recorded an episode that was 7 minutes long! Today we talk about some things that have helped us out in recent pentests:
Farmer.searchConnector-msmatrixthisthat
Duration:00:07:02
7MS #618: Writing Savage Pentest Reports with Sysreptor
4/5/2024
Today’s episode is all about writing reports in Sysreptor. It’s awesome! Main takeaways:
reptor Python moduleonly
Duration:00:38:30
7MS #617: Tales of Pentest Pwnage – Part 55
3/29/2024
Hey friends, today we’ve got a tale of pentest pwnage that covers:
cached credentialsMisconfiguration ManagerThe First Cred is the Deepest – Part 2sccmhunter
Duration:00:36:19
7MS #616: Interview with Andrew Morris of GreyNoise
3/22/2024
Hey friends, today we have a super fun interview with Andrew Morris of GreyNoise to share. Andrew chatted with us about:
Duration:00:59:04
7MS #615: Tales of Pentest Pwnage – Part 54
3/19/2024
Hey friends, sorry I’m so late with this (er, last) week’s episode but I’m back! Today is more of a prep for tales of pentest pwnage, but topics covered include:
snafflin
Duration:00:21:48
7MS #614: How to Succeed in Business Without Really Crying - Part 16
3/8/2024
Netwrix Connectannoying
Duration:00:36:21
7MS #613: Tales of Pentest Pwnage – Part 53
3/1/2024
Today’s tale of pentest covers:
Farmingunderstand trusted zonesSnafflingStealing Kerberos tickets
Duration:00:33:24
7MS #612: Pentestatonix - Part 2
2/25/2024
Hello friends, we’re still deep in the podcast trenches this quarter and wanted to share some nuggets of cool stuff we’ve been learning along the way:
SnafflerPowerHuntSharesGroup3rFarmer
Duration:00:32:23
7MS #611: Pentestatonix
2/19/2024
Hey friends, sorry for the late episode but I've been deep in the trenches of pentest adventures. I'll do a more formal tale of pentest pwnage when I come up for air, but for now I wanted to share some tips I've picked up from recent engagements:
GraphRunnerpasswordPowerUpSQLdeeeefffffinitely Invoke-SQLAudit -Verbose
Duration:00:34:03
7MS #610: DIY Pentest Dropbox Tips – Part 9
2/9/2024
Hey friends, today we cover a funstrating (that's fun + frustrating) issue we had with our DIY pentest dropboxes. TLDL:
bad Kali metapackageisolinux > txt.cfgtxt.cfg
Duration:00:20:25
7MS #609: First Impressions of Sysreptor
2/2/2024
Hey friends, today is a first impressions episode about Sysreptor, which according to their GitHub page, is a fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike. It is easy to stand up with Docker, has built-in MFA and a great hybrid WYSIWYG/code editor. The only scary part? There is no export to Word (insert suspenseful music here!) - your reports just go right to PDF, friends! The killer feature for us, though, is the ability to create reports from the command line and send files, notes and findings to Sysreptor automagically!
Duration:00:30:51
7MS #608: New Tool Release - EvilFortiAuthenticator
1/26/2024
Hey friends, today our pal Hackernovice joins us for a tool (actually two tools!) release party:
EvilFortiAuthenticatorFortiAuthenticatorBulletsPassViewFortinet's documentationmaintenance modeMITMsmtpTCMLobbyBBQnothing
Duration:00:43:46
7MS #607: How to Succeed in Business Without Really Crying - Part 15
1/19/2024
Today we talk about some business-y things like:
A pre first impressions opinion on Sysreptor
Why I'm not worried about AI replacing manual pentesting (yet)
My struggle with going "full CEO" vs. staying in the weeds and working on hands-on security projects
Duration:00:39:54
7MS #606: Hacking OWASP Juice Shop (2024 edition)
1/12/2024
Today our pals Bjorn Kimminich from OWASP and Paul from Project7 and TheUnstoppables.ai join us as we kick off a series all about hacking the OWASP Juice Shop, which is "probably the most modern and sophisticated insecure web application!" We got a few wins on the Juice Shop score board today:
zero starsOWASP Juice Shop Jingle
Duration:00:29:51
7MS #605: Navigating the Demands of Tech Leadership with Amanda Berlin of Blumira
1/5/2024
Today our friend Amanda Berlin, Lead Incident Detection Engineer at Blumira, joins us to talk about being more mentally healthy in 2024!
P.S. - did you miss Amanda's past visits to the program? Then check out episode 518, 536 and 588.
Be sure to check out the next edition of Amanda's Defensive Security Handbook when it comes out in later January, 2024!
Duration:00:58:01
7MS #604: A Two Tool Teaser
1/1/2024
Today we tease two upcoming tool releases (shooting for Q1, 2024):
TCMLobbyBBQ - a Python script for PC players of The Texas Chain Saw Massacre game to help players get out of lobbies and into live games ASAP! The script uses PyAutoGUI to take screenshots of what part of the game you're in, then make appropriate key presses and mouse clicks to get into lobby queues, then alert you when the game actually starts!
EvilFortiAuthenticator - this tool will allow you to steal administrator API tokens from FortiAuthenticator which can lead to full compromise of the physical device.
Happy new year!
Duration:00:26:04