Blog
Search all our posts or browse some of our most recent entries below:
7MS #582: Using Wazuh as a SIEM for Work and Home
Today we had a blast playing with Wazuh as a SIEM you can use for work and/or home. Inspiration for this episode came from Network Chuck. This one-liner will literally get Wazuh installed in about 5 minutes: curl -sO https://packages.wazuh.com/4.7/wazuh-install.sh && sudo bash ./wazuh-install.sh -a P.S. if you accidentally close your command window before writing down the admin password (like I did), you can [...]
7MS #581: Tales of Pentest Pwnage – Part 49
(Sorry, I don't know how to count. The video says it's pwnage part 48, but it's actually part 49)Oooo, giggidy! Today's tale of pentest pwnage is about pwning vCenter with CVE-2021-44228 - a vulnerability that lets us bypass authentication entirely and do/take what we want from vCenter! Key links to make the magic happen:How to exploit log4j manually in vCenterHow to automate the attack!Tool to [...]
7MS #580: Hacking Tommy Callahan – Part 3
Today me and my pal Paul from Project7 did a live hacking session and finally got the Callahan Auto brake pad Web app back online! Hopefully you enjoyed this hacking series. The feedback has been great, so we may have to take a crack at Billy in the near future as well.
7MS #579: Hacking Tommy Callahan – Part 2
Hey friends, today we're continuing our series on pwning the Tommy Boy VM on VulnHub VM! P.S. did you miss part one? Check it out on YouTube. Joe "The Machine" Skeen and I had a blast poking and prodding at the VM in hopes to fix the broken Callahan Auto brake-ordering Web app. Some tips/tricks we cover:It's always a good idea to look at a [...]
7MS #578: Interview with Mike Toole of Blumira
Today I'm excited to share a featured interview with our new friend Mike Toole of Blumira. We talk about all things EDR, including:How does it differ from something like Windows Defender?What things do I need to keep in mind if I'm in the market for an EDR purchase?Is Mac EDR any good?How do attackers bypass EDR?Will AI create industructible malware, take over the human race [...]
7MS #577: Tales of Pentest Pwnage – Part 48
Holy schnikes - this episode is actually 7 minutes long! What a concept!Anyway, today I give you a couple tips that have helped me pwn some internal networks the last few weeks, including:Getting a second (and third?) opinion on Active Directory Certificate Services vulnerabilities!Analyzing the root domain object in BloodHound to find some misconfigs that might equal instant domain admin access!
7MS #575: Annoying Attackers with ADHD – Part 2
Hey friends! Today we're taking a second look at ADHD - Active Defense Harbinger Distribution - a cool VM full of tools designed to annoy/attribute/attack pesky attackers! The tools covered today include: PHP-HTTP-TARPIT A tool to confuse and waste bot/scanner/hacker time. Grab it here and check out our setup instructions: sudo git clone https://github.com/msigley/PHP-HTTP-Tarpit.git /opt/tarpit cd /opt/tarpit sudo mv la_brea.php /var/www/html/index.php cd /var/www/html/ # Delete [...]
7MS #574: Annoying Attackers with ADHD
SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount! Hey friends! Today we're looking at ADHD - Active Defense Harbinger Distribution - a cool VM full of tools designed to annoy/attribute/attack pesky attackers! ADHD gets you up and running with [...]
7MS #573: Securing Your Mental Health – Part 4
Today we're talking about reducing anxiety by hacking your mental health with these tips:Using personal automation to text people important remindersUsing Remind to create a personal communication "class" with your family membersUsing Smartsheet (not a sponsor) to create daily email "blasts" to yourself about all the various project todos you need to tackle
7MS #572: Protecting Your Domain Controllers with LDAP Firewall
Today we look at LDAP Firewall - a cool (and free!) way to defend your domain controllers against SharpHound enumeration, LAPS password enumeration, and the noPac attack.
7MS #571: Simple Ways to Test Your SIEM – Part 2
Hey friends! This week I spoke at the Secure360 conference in Minnesota on Simple Ways to Test Your SIEM. This is something I covered a while back on the podcast, but punched up the content a bit and built a refreshed a two-part GitHub gist that covers:Questions you can ask a prospective SIEM/SOC solution to figure out which one is the right fit for youAll [...]