Preview Mode Links will not work in preview mode

7 Minute Security

Aug 27, 2022

Today's episode covers three remediation-focused topics that kind of grind my gears and/or get me frustrated with myself. I'm curious for your thoughts on these, so reach out via Slack or Twitter and maybe we'll do a future live stream on this topic.

  1. How do you get clients to actually care when we explain the threats...


Aug 19, 2022

Hey friends, today we share the (hopefully) thrilling conclusion of last week's pentest. Here are some key points:

  • If you find you have local admin on a bunch of privileges and want to quickly loop through a secretsdump of ALL systems and save the output to a text file, this little hacky script will do it!
#!/bin/bash...


Aug 12, 2022

Ok, ok, I know.  I almost always say something like "Today is my favorite tale of pentest pwnage."  And guess what?  Today is my favorite tale of pentest pwnage, and I don't even know how it's going to end yet, so stay tuned to next week's (hopefully) exciting conclusion.  For today, though, I've got some pentest tips...


Aug 5, 2022

Hey friends, wow...we're up to thirty-nine episodes of pwnage? Should we make a cake when we hit the big 4-0?! Anyway, today's TLDL is this:

If you get a nagging suspicion about something you find during enumeration, make sure to either come back to it later, or exhaust the path right away so you don't miss something!...


Aug 1, 2022

Today we're joined by some of our friends at Arctic Wolf - Eugene Grant and Christopher Fielder - to talk about compliance. Now hold on - don't leave yet! I know for many folks, compliance makes them want to bleach their eyeballs. But compliance is super important - especially because it is not the same as being secure....