Preview Mode Links will not work in preview mode

7 Minute Security

Feb 25, 2024

Hello friends, we’re still deep in the podcast trenches this quarter and wanted to share some nuggets of cool stuff we’ve been learning along the way:

  • Snaffler – pairs nicely with PowerHuntShares to find juicy tidbits within file/folder shares
  • Group3r – helps you find interesting and potentially abusable Group...


Feb 19, 2024

Hey friends, sorry for the late episode but I've been deep in the trenches of pentest adventures.  I'll do a more formal tale of pentest pwnage when I come up for air, but for now I wanted to share some tips I've picked up from recent engagements:

  • GraphRunner - awesome PowerShell toolkit for interacting with Microsoft...


Feb 9, 2024

Hey friends, today we cover a funstrating (that's fun + frustrating) issue we had with our DIY pentest dropboxes. TLDL:

 

  • The preseed file got jacked because I had a bad Kali metapackage in it.
  • While I was tinkering around with preseed files, I decided it would be more efficient to have the Kali ISO call that preseed...


Feb 2, 2024

Hey friends, today is a first impressions episode about Sysreptor, which according to their GitHub page, is a fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.  It is easy to stand up with Docker, has built-in MFA and a great hybrid...


Jan 26, 2024

Hey friends, today our pal Hackernovice joins us for a tool (actually two tools!) release party:

    • EvilFortiAuthenticator - it's like a regular FortiAuthenticator, but evil.  This tool allows you to capture the FortiAuthenticator API and subsequently steal the entire device's config, subsequently allowing you to...