Preview Mode Links will not work in preview mode

7 Minute Security

Sep 29, 2023

Today we talk about an awesome path to internal network pentest pwnage using downgraded authentication from a domain controller, a tool called ntlmv1-multi, and a boatload of cloud-cracking power on the cheap from Here's my chicken scratch notes for how to take the downgraded authentication hash...

Sep 22, 2023

Today my Paul and I continued hacking Billy Madison (see part one here) and learned some interesting things:

  • You can fuzz a URL with a specific file type using a format like this:
wfuzz  -c -z file,/root/Desktop/wordlist.txt --hc 404 http://x.x.x.x/FUZZ.cap 
  • To rip .cap files apart and make them "pretty" you...

Sep 15, 2023

In today's tale of pentest pwnage we talk about:

  • The importance of local admin and how access to even one server might mean instant, full control over their backup or virtualization infrastructure

  • Copying files via WinRM when copying over SMB is blocked:

$sess = New-PSSession -Computername...

Sep 8, 2023

Today Amanda Berlin from Blumira teaches us how to unlock the power of Sysmon so we can gain insight into the good, bad and ugly things happening on our corporate endpoints!  Key takeaways:

  • Sysmon turns your windows logging up to 11, and pairs well with a config file like this one or this one.
  • Careful if you are are...

Sep 1, 2023

Today my pal Paul from Project7 and I hack the heck out of Billy Madison a vulnerable virtual machine that is celebrating its 7th anniversary this month!