Blog
Search all our posts or browse some of our most recent entries below:
7MS #627: Migrating from vCenter to Proxmox – Part 2
Hey friends, today we continue our series all about migrating from VMWare to the world Proxmox! Specifically: Getting my first Proxmox-based NUCs out in the field for live engagements! Pulling the trigger on two bare-metal Proxmox servers to eventually replace my vCenter environment. OVHCloud made it super easy to to add Proxmox to those bare-metals with a simple wizard. I couldn't figure out how [...]
7MS #626: Web Pentesting Pastiche
SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 20% discount! Hey friends, today we've got a security milkshake episode about Web app pentesting. Specifically we talk about: Burp Suite Enterprise Caido - a lightweight alternative to Burp wfuzz - Web fuzzer. [...]
7MS #625: A Peek into the 7MS Mail Bag – Part 4
Road trip time! I've been traveling this week doing some fun security projects, and thought all this highway time would be a perfect opportunity to take a dip into the 7MS mail bag! Today's questions include: How do you price internal network penetration tests? Have you ever had to deal with a difficult client situation, and how did you resolve it? Are you done going [...]
7MS #624: Tales of Pentest Pwnage – Part 57
Today's tale of pentest pwnage is all about my new favorite attack called SPN-less RBCD. We did a teaser episode last week that actually ended up being a full episode all about the attack, and even step by step commands to pull it off. But I didn't want today's episode to just be "Hey friends, check out the YouTube version of this attack!" so [...]
7MS #623: Prelude to a Tale of Pentest Pwnage
Today's prelude to a tale of pentest pwnage talks about something called "spnless RBCD" (resource-based constrained delegation). Here are the key steps: Lets use my lab of tangent.town as an example and say that TT-DC02 is where Webdav is enabled. Add a DNS record that points to your testing box (I think this is required so the victim systems consider you to be in the [...]
7MS #622: Migrating from vCenter to Proxmox – Part 1
Sadly, the Broadcom acquisition of VMWare has hit 7MinSec hard - we love running ESXi on our NUCs, but ESXi free is no longer available. To add insult to injury, our vCenter lab at OVHcloud HQ got a huge price gouge (due to license cost increase; not OVH's fault). Now we're exploring Proxmox as an alternative hypervisor, so we're using today's episode to kick off a [...]
7MS #621: Eating the Security Dog Food – Part 6
Today we revisit a series about eating the security dog food - in other words, practicing what we preach as security gurus! Specifically we talk about: We're going to get a third-party assessment on 7MinSec (the business) Tips for secure email backup/storage Limiting the retention of sensitive data you store in cloud places
7MS #620: Securing Your Mental Health – Part 5
Today we're talking about tips to deal with stress and anxiety: It sounds basic, but take breaks - and take them in a different place (don't just stay in the office and do more screen/doom-scrolling) I've never gotten to a place in my workload where I go "Ahhh, all caught up!" so I should stop striving to hit that invisible goal. Chiropractic and back massages have [...]
7MS #619: Tales of Pentest Pwnage – Part 56
We did something crazy today and recorded an episode that was 7 minutes long! Today we talk about some things that have helped us out in recent pentests: When using Farmer to create "trap" files that coerce authentication, I've found way better results using Windows Search Connectors (.searchConnector-ms) files This matrix of "can I relay this to that" has been super helpful, especially early in engagements
7MS #618: Writing Savage Pentest Reports with Sysreptor
Today's episode is all about writing reports in Sysreptor. It's awesome! Main takeaways: The price is free (they have a paid version as well)! You can send findings and artifacts directly to the report server using the reptor Python module Warning: Sysreptor only exports to PDF (no Word version option!) Sysreptor has helped us write reports faster without sacrificing quality
7MS #617: Tales of Pentest Pwnage – Part 55
Hey friends, today we've got a tale of pentest pwnage that covers: Passwords - make sure to look for patterns such as keyboard walks, as well as people who are picking passwords where the month the password changed is part of the password (say that five times fast)! Making sure you go after cached credentials Attacking SCCM - Misconfiguration Manager is an absolute gem [...]