Apr 10, 2026
Hello friends! Today’s episode is a bit of a detour from our usual content — it’s part vacation horror story, part security/privacy confession. My wife got seriously ill during our spring break trip to Punta Cana, and in the chaos of navigating a foreign hospital at 2 a.m. with zero sleep and a pile of Spanish...
Apr 3, 2026
Today is my favorite pentest pwnage tale of 2026 – and maybe ever! It centers around an ADCS abuse via an attack path I’d never seen before. Tips include:
- Use Netexec to pull Powershell history
- Trying to steal reg hives and the EDR is made? Try copying them out to \\some-other-server.domain.com\share
- This...
Mar 27, 2026
Hola friends! Today’s another fun tale of pentest pwnage. This time we started with no credentials and then set off on the bumpy journey from no-cred zero to domain admin hero! One specific reference in today’s podcast that may be helpful to you is setting up ntlmrelayx to listen on port...
Mar 20, 2026
Hello friends! We’re back with a fun tale of internal network pentest pwnage. This one highlights how AI can be used (with some guardrails!) to automate the boring stuff – and even help you pick part DLLs to find gold nuggets!
P.S. – I do recommend you check out our last three episodes that are all about...
Mar 13, 2026
Hello friends, in today’s edition of How to Secure Your Community, I give a brief recap of part 1 and part 2, and then dive into some cool phone shortcuts you can setup so that with a single tap, you can alert friends/family that you’re having an encounter with law enforcement and may need an assist. Here’s the...