Blog
Search all our posts or browse some of our most recent entries below:
7MS: #559: Tales of Pentest Pwnage – Part 46
Ooooo giggidy! Today's episode is about a pentest pwnage path that is super fun and interesting, and I've now seen 3-4 times in the wild. Here are some notes from the audio/video that will help bring this to life for you (oh and read this article for a great tech explanation of what's happening under the hood):Change the Responder.conf file like so:; Custom challenge. ; [...]
7MS #558: How to Build a Vulnerable Pentest Lab – Part 2
Today we continue part 2 of a series we started a few weeks ago all about building a vulnerable pentesting lab. Check out the video above, and here are the main snippets of code and tips to get you going:Use Youzer to import a bunch of bogus users into your Active Directory:sudo python ./youzer.py --generate --generate_length 20 --ou "ou=Contractors,dc=brifly,dc=us" --domain brifly.us --users 1000 --output lusers.csvMake [...]
7MS #557: Better Passive Network Visibility Using Teleseer
Today we're talking about Teleseer, which is an awesome service to give you better network visibility - whether you're on the blue, red or purple team! It all starts with a simple packet capture, and ends with gorgeous visuals and insight into what the heck is on your network and - from a pentester's perspective - delicious vulnerabilities that may lie within!
7MS #556: How to Build a Vulnerable Pentest Lab
Today's episode is brought to us by our friends at Blumira! Today we kick off a series all about building your own vulnerable pentest lab from scratch, specifically: Spinning up a domain controller with a few lines of PowerShell Installing Active Directory Domain Services Setting up an intentionally cruddy password policy Baking in the MS14-025 vulnerability Here are the code snippets that help you get [...]
7MS #555: Light Pentest eBook 1.1 Release
Today we're releasing version 1.1 of our Light Pentest eBook. Changes discussed in today's episode (and shown live in the accompanying YouTube video) include:Some typos and bug fixesA new section on finding systems with unconstrained delegation and exploiting themA new section on finding easily pwnable passwords via password sprayingA new section relaying credentials with MITM6 (be careful using some of its options - read this)New [...]
7MS #554: Simple Ways to Test Your SIEM
Today we talk about Simple Ways to Test Your SIEM. Feel free to check out the YouTube version of this presentation, as well as our interview with Matt from Blumira for even more context, but here are the essential tools and commands covered:Port scanningnmap 10.0.7.0/24 - basic nmap scanmassscan -p1-65535,U:1-65535 --rate=1000 10.0.7.0/24 -v - scan all 65k+ TCP and UDP ports!Password sprayingRubeus.exe spray /password:Winter2022! /outfile:pwned.txt [...]
7MS #553: The Artificial Intelligence Throat Burn Episode
Hey friends, today's episode is hosted by an AI from Murf.ai because I suffered a throat injury over the holidays and spent Christmas morning in the emergency room! TLDL: I'm fine, but if you want the (sort of) gory details and an update on my condition after my ENT appointment, check out today's episode. Otherwise, we'll see you next week when our regularly scheduled security [...]
7MS #552: Tales of Pentest Pwnage – Part 45
SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!Today's tale of pentest pwnage covers some of the following attacks/tools:Teleseer for packet capture visualizations on steroids!Copernic Desktop SearchRunning Responder as Responder.py -I eth0 -A will analyze traffic but not poison itI [...]
7MS #551: Interview with Matt Warner of Blumira
Today we welcome our pal Matthew Warner (CTO and co-founder of Blumira) back to the show for a third time (his first appearance was #507 and second was #529).I complained to Matt about how so many SIEM/SOC solutions don't catch early warning signs of evil things lurking in customer networks. Specifically, I whined about 7 specific, oft-missed attacks like port scanning, Kerberoasting, ASREPRoasting, password spraying [...]
7MS #550: Tales of Pentest Fail – Part 5
This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more.Hey friends, today's episode is extra special because it's our first episode we've ever done live and with video(!). Will we do it again? Who knows. But anyway, we had a [...]
7MS #549: Interview with Christopher Fielder and Daniel Thanos of Arctic Wolf
This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more.Today my friends Christopher Fielder and Daniel Thanos from Arctic Wolf chat with me about what kinds of icky things bad guys/gals are doing to our networks, and how we can [...]