Preview Mode Links will not work in preview mode

7 Minute Security

Jul 12, 2024

Today’s tale of pentest pwnage includes some fun stuff, including:

    • SharpGPOAbuse helps abuse vulnerable GPOs!  Try submitting a harmless POC first via a scheduled task – like ping -n 1 your.kali.ip.address.  When you’re ready to fire off a task that coerces SMB auth, try certutil...


Jul 7, 2024

Hi friends, today’s a tale full of test tips and tools to help you in your adventures in pentesting!


Jul 1, 2024

Today I recap a two week persona/biz road trip and talk about the security stuff that got sprinkled into it, including:

  • Family members who don’t care about their personal security
  • Weakpass – a cool collection of word lists for brute-forcing and spraying that I’d never heard of
  • Working on two security Webinars for...


Jun 24, 2024

Today we have a fun featured interview with my new friend Stu Musil of Ambient Consulting I had a great time talking with Stu about bashing come common misconceptions people have about working with recruiters, plus tackling some frequently asked questions:

  • How do you properly vet a recruiter you don’t know, but...


Jun 14, 2024

Hey friends, today we talk about some not-so-glamorous but ever-so-important stuff related to running a cybersecurity consultancy, including:

  • Taking an inventory of all the SaaS stuff your business uses – to keep an eye on spending, know when services are expiring, and track which credit card the services are tied to...