Blog
Search all our posts or browse some of our most recent entries below:
7MS #372: Tales of Internal Pentest Pwnage – Part 5
Today's episode is brought to you by ITProTV. It’s never too late to start a new career in IT or move up the ladder, and ITProTV has you covered - from CompTIA and Cisco to EC-Council and VMWare. Get over 65 hours of IT training for free by visiting https://itpro.tv/7minuteToday I share the (hopefully) exciting and fun conclusion to last week's episode about a tale [...]
7MS #371: Tales of Internal Pentest Pwnage – Part 4
Today's episode is brought to you by ITProTV. It’s never too late to start a new career in IT or move up the ladder, and ITProTV has you covered - from CompTIA and Cisco to EC-Council and VMWare. Get over 65 hours of IT training for free by visiting https://itpro.tv/7minuteHappy belated 4th of July! Today I've got another fun tale of internal pentest pwnage that [...]
7MS #370: Happy Secure 4th!
Hey folks, happy secure 4th o' July!In today's seven minute episode (Wha? Gasp! Yep...it's seven minutes!) I kick back a bit, give you some updates and tease/prepare you for some cool full episodes to come in the near future. Topics covered include:NPK, which I talked about last week is super awesome but I'm having issues getting my jobs to run clean. Will keep you posted [...]
7MS #369: Cracking Hashes with NPK
Today's episode is brought to you by my friends at safepass.me. Safepass.me is the most efficient and cost-effective solution to prevent Active Directory users from setting a weak or compromised password. It's in compliance with the latest NIST password guidelines, and is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 [...]
7MS #368: Tales of Pentest Fail
This episode of the 7 Minute Security Podcast is brought to you by Authentic8, creators of Silo. Silo allows its users to conduct online investigations to collect information off the web securely and anonymously. For more information, check out Authentic8.In today's episode, I toss myself under the proverbial security bus and share a tale of pentest fail. Looking back, I think the most important lessons [...]
7MS #367: DIY Two-Hour Risk Assessment
This episode is brought to you by ITProTV. Visit https://www.itpro.tv/7minsec for over 65 hours of IT training for free!Hey! I'm on the road again - this time with a tale encompassing:How to conduct a mini risk assessment in just two hours. Some ways to consider adding value :A discussion of administrative and physical controlsCreate a network inventory using nmap and EyewitnessConduct an external vulnerability scan [...]
7MS #366: Tales of Internal Pentest Pwnage – Part 3
This episode is brought to you by ITProTV. Visit https://www.itpro.tv/7minsec for over 65 hours of IT training for free!Today's episode was recorded on the way to a new assessment, and since I had nothing but miles and time in front of me, I covered two major stories (probably not in order of importance):Why I had two get two haircuts in under and hour (spoiler: it's [...]
7MS #365: Interview with Ryan Manship and Dave Dobrotka – Part 3
This episode of the 7 Minute Security Podcast is brought to you by Authentic8, creators of Silo. Silo allows its users to conduct online investigations to collect information off the web securely and anonymously. For more information, check out Authentic8.First, a bit of miscellany:If you replace "red rain" with "red team" in this song, we might just have a red team anthem on our hands!If [...]
7MS #364: Tales of External Pentest Pwnage
This episode of the 7 Minute Security Podcast is brought to you by Authentic8, creators of Silo. Silo allows its users to conduct online investigations to collect information off the web securely and anonymously. For more information, check out Authentic8.This episode is about some cool things I'm learning about external pentesting. But first, some updates:My talk at Secure360 went really well. Only slightly #awkward thing [...]
7MS #363: Interview with Ryan Manship and Dave Dobrotka – Part 2
This episode is brought to you by ITProTV. Visit https://www.itpro.tv/7minsec for over 65 hours of IT training for free!Yuss! It's true! Dave and Ryan are back!Back in episode #326 we met Ryan Manship of RedTeam Security and Dave Dobrotka of United HealthGroup and talked about their cool and exciting careers as professional red teamers.In this follow-up interview (which will be broken into a few parts), [...]
7MS #362: My Dear Friend Impostor Syndrome
This episode is brought to you by ITProTV. Visit https://www.itpro.tv/7minsec for over 65 hours of IT training for free!Today I take a walk (literally!), get chased by a dog (seriously!) and talk about impostor syndrome and feelings of self-loathing and doubt as I get ready to speak at Secure360 next week (insert wah-wah-waaaaaaahhhhhhh here).How do you deal with impostor syndrome? Personally, I'm finding some success [...]