7MS #400: Tales of Internal Pentest Pwnage - Part 14

Back in episode 280 I talked about how I started working with PacktPub to start authoring a video course on vulnerability scanning using Kali. Since that episode I've found that recording and editing high quality video clips is taking waaaaaayyyyyyyyyyy longer than I'd like, but it's worth it to create good stuff! PacktPub authored a tool called Panopto to make videos, but I found it a little frustrating to work with, so I'm going with the following janky - but functional - recording setup: Record raw video using iShowU Pull that video into iMovie and cleanup all the mistakes Record audio in Quicktime Pull audio clips into iMovie and edit those to match up with what's happening in the video Export video as 1080p Additionally, here are a few little tweaks that help the content creation match up with PacktPub's requirements: Resolution should be 1920x1080 (full HD) - I just bought a secondary monitor for this. Specifically, an HP 22cwa. I set my .bashrc file to use all white for the terminal prompt. See this article which helped me out. In Terminal I created a PacktPub profile that has font as Monospace Regular 20pt.

4 Tammi 201815min

Hey folks, I had originally planned to cover the CredDefense toolkit but I couldn't get it working. I'm basically having the same issue that someone reported here. Sooooo....will have to save that for next week. In the meantime, this episode features a story about how I nearly knocked a retina out of my sister's face with an ice ball when I was about 8 years old. Yep, she's still mad about it, but I think 2018 is the year for forgiveness! Enjoy, and we'll talk to you in 2018. Blessings to you and yours!

28 Joulu 201711min

Did I mention I love the Critical Security Controls? I do. And here's an absolute diamond I found this week: This site (http://www.auditscripts.com/free-resources/critical-security-controls/) offers awesome CSC-mapping tools (and they're free!), specifically: A spreadsheet with how the CSCs map to other popular frameworks like ISO and NIST A manual assessment tool for measuring your org - or someone else's org - against the CSCs. Flippin' sweet right? RIGHT! Also, be sure to come and Slack chat with us, as my pal hackernovice is building a tool called MacMon to help you satisfy CSC #1! Lastly, I built an LOL-worthy pentesting recon tool called SSOTT (Scan Some of the Things) that might help you automate some NMAPing, DIRBing, NIKTOing, and the like. Cheggitout!

21 Joulu 201713min

My pal and former coworker Joe Klein joins me in the virtual studio to discuss: His career as a diesel mechanic and insurance guru How to leave a stable job, take a huge pay cut and start a risky infosec internship (sounds like the name of a broadway musical!) The start of his new career as a SOC analyst The importance of having a career cheerleader/mentor Being hungry for knowledge and certifications without being ashamed or afraid to look like a newb CompTIA Security+ and Cisco CCNA Cyber Ops certs The proper pronunciation of the word "dude" How to do a proper Arnold Schwarzenegger impression Other references made in the episode: Arnold Schwarzenegger the love poet Joe welcomes your comments, concerns, insults and questions via email (listen to today's episode for the address!) or Twitter.

14 Joulu 201752min

Two weird things happening in this episode: I'm not in the car, and thus not endangering myself and others while podcasting and driving! My once beloved lav mic made a trip through the Johnson family's washer and dryer. I don't know that she'll ever record anything again. We'll see once it fully dries out (fingers crossed). I spent some time this last week getting back into Windows systems forensics, which has been really fun. If you want a play-by-play guide with some fantastic, practical, hands-on advice, grab yourself a copy of the Blue Team Handbook: Incident Response Edition. I also started a forensics page on BPATTY. Also, I picked up a Google Home Mini for $30 and can honestly say it quickly has found a special place in my tech/geek heart...even if it is recording everything I say and sending it to the NSA. But a small device that will play Michael Buble's Christmas album as soon as I command it with my voice? Worth the privacy sacrifice. Finally, if you're in the St. Paul, MN area tomorrow and wanna hear me come talk about "Blue Team on a Budget," come to the Government IT Symposium - more info here.

7 Joulu 201713min

Sorry the podcast is late this week - but it's all for good reasons! I'm busy as a bee doing a ton of pentesting so I have a smattering of random security stuff to share with you: Mac High Sierra root bug Did you hear about this? Basically anybody could log in as user root on your system without a password because...there isn't a password! Read the Twitter thread where I originally read the news here, read about the root account madness here, and then read how the fix broke file sharing here. BPATTY ROCKS! I tried to wiki-fy my BPATTY project to make it a bit easier to read, so head to bpatty.rocks and let me know what you think! I'm BURPing a lot I can't tell you how fun it has been to get back in the pentesting saddle and hack some Web sites these past few weeks. Here are a few tips/tricks others taught me that have helped me get back in the swing of things: In Burp, state files are being depreciated in favor of project files. Read more here For BApp extensions, here are a few that help you get the job done: retire.js looks for old/outdated/vulnerable Javascript libraries Software vulnerability scanner helps you find vulnerable software, such as old versions of IIS CO2 has a bunch of tricks up its sleeve - my favorite of which is helping you craft sqlmap commands with the right flags More on today's show!

1 Joulu 201714min

Well, after over-teasing this last week, I'm excited to announce that I've started my own company! 7 Minute Security, LLC gives me an outlet to do all my favorite infosec stuff, such as: Network assessments Vulnerability scanning Penetration testing Training Public speaking I welcome you to check out 7MinSec.com for more information. Or 7MinuteSecurity.com or SevenMinuteSecurity.com. Collect 'em all! What does this mean for the podcast? Nada - I'll keep cranking it out. Maybe we'll cover a few more business related topics (people have asked about how to get an LLC off the ground, so I might do an episode or two on that), but otherwise everything's the same! What about the Patreon project? Because I've been blessed with this opportunity - which will in turn help me keep the 7MS lights on - the Patreon campaign will close down soon. For you lovely Patreons, I've sent you a message (via Patreon site and via email) with more details.

22 Marras 201712min

We're continuing to hammer on the CSCs again this week. Here's some rad resources that can get your CSC efforts in the right direction: CIS Implementation Guide for SMEs CIS Cybersecurity quarterly newsletters Netdisco lets you locate machines by MAC or IP, show the corresponding switch port, and disable it if necessary. Defensive Security Handbook isn’t specifically mapped to CSCs but offers great advice to tie into them. Open-Audit tells you what’s on your network, how it’s configured, and when it changes.

16 Marras 20179min