Hi friends, today we’re talking about pentesting potatoes (not really, but this episode is sort of a homage to episode 333 where I went to Boise to do a controls assessment and ended up doing an impromptu physical pentest and social engineer exercise).  I talk about what a blast I’m having hunting APTs in XINTRA LABS, and two cool tools I’m building with the help of Cursor:

• A wrapper for Netexec that quickly finds roastable users, machines without SMB signing, clients running Webclient and more.
• A sifter of Snaffler-captured files to zero in even closer on interesting things such as usernames and passwords in clear text.