Preview Mode Links will not work in preview mode

7 Minute Security

Jul 29, 2021

Hey friends, today we're continuing our discussion of password cracking by sharing some methodology that has helped us get a high cred yield, and some tips on taking cracked passwords from multiple sources and Frankensteining them into a beautiful report for your customer.

For some background, when 7MS started as a biz,...


Jul 21, 2021

Today we're talking about Cobalt Strike for newbs - including how to get it up and running, as well as some tools that will help you generate beacons while evading EDR at the same time!

Some helpful things mentioned in today's episode:

  • Wherever you spin up your CS instance, it's probably a good idea to lock down the...


Jul 16, 2021

**STOP!** If you didn't listen to [last week's episode](https://7ms.us/7ms-475-tales-of-internal-network-pentest-pwnage-part-27/) you might want to, since this was a two-part tale of pwnage. Either way I'll get you up to speed and talk about why this was (of course) one of my favorite pentests ever.


Jul 8, 2021

Yeahhhhhh! Today's another fun tale of pentest pwnage, including:

  • The importance of starting your pentest with an AD account that actually has access to...ya know...stuff

  • The importance of starting your pentest plugged into a network that actually has...you know...systems connected to it!

  • This BHIS article is...


Jun 30, 2021

Hey friends! Today we're dusting off an old mini-series about password cracking in the cloud (check out part 1 and part 2) and sharing some awesome info on building a monster of a cracking rig in AWS!

One reason we haven't talked about password cracking in the cloud in a while is because back in winter of 2019 I built