7 Minute Security

Apr 14, 2024

We did something crazy today and recorded an episode that was 7 minutes long!  Today we talk about some things that have helped us out in recent pentests:

• When using Farmer to create “trap” files that coerce authentication, I’ve found way better results using Windows Search Connectors...

Apr 5, 2024

Today’s episode is all about writing reports in Sysreptor.  It’s awesome!  Main takeaways:

• The price is free (they have a paid version as well)!
• You can send findings and artifacts directly to the report server using the reptor Python module
• Warning: Sysreptor only exports to PDF (no Word version option!)
• Sysreptor...

Mar 29, 2024

Hey friends, today we’ve got a tale of pentest pwnage that covers:

• Passwords – make sure to look for patterns such as keyboard walks, as well as people who are picking passwords where the month the password changed is part of the password (say that five times fast)!
• Making sure you go after cached...

Mar 22, 2024

Hey friends, today we have a super fun interview with Andrew Morris of GreyNoise to share.  Andrew chatted with us about:

• Young Andrew’s early adventures in hacking his school’s infrastructure (note: don’t try this at home, kids!)
• Meeting a pentester for the first time, and getting his first pentesting...

Mar 19, 2024

Hey friends, sorry I’m so late with this (er, last) week’s episode but I’m back!  Today is more of a prep for tales of pentest pwnage, but topics covered include:

• Make sure when you’re snafflin‘ that you check for encrypted/obfuscated logins and login strings – it might not be too tough to decrypt them!
• On...