7MS #462: Pentesting with the Hak5 Key Croc
7 Minute Security7 Huhti 2021

7MS #462: Pentesting with the Hak5 Key Croc

Today we talk through our first engagement using Hak5 Key Croc to steal and exfil data. In the past, my internal monologue when a new Hak5 toy is released sounds like this:

  1. "I certainly don't need another Hak5 doo-dad! The last one didn't ever work that great, and ended up in a drawer full of past Hak5 doo-dads that didn't work that great."

  2. "Whaaaaat? A new cool and hip video for the INSERT_CATCHY_HAK5_TOOL_NAME is out? Pffft. I don't need that."

  • 5 seconds go by...

  1. "Well it's just $100, shut up and take my money!"

  2. "It came in the mail today! It has a cool envelope and everything!"

  3. "Hrm, I followed the quick start video and 3 of the 10 steps don't work for me. I'll hit the forums. Huh, everybody seems to be having this problem.

  • 5 days go by...
  1. "Neat! With a little help from SassyGal67 and StarWarsFreak_XXL on the forums, I hacked together my own fix for these issues. Now the core functionality of the device works, but the GUI is totally broken and you have to factory reset it with every use. Cool!"
  • Deep breath. Tosses doo-dad in a drawer full of past Hak5 doo-dads that didn't work that great.

So with all that said, was our experience with the Key Croc any different? Check out today's episode to find out!

Jaksot(689)

7MS #25: Writing Better Pentest Reports (audio)

7MS #25: Writing Better Pentest Reports (audio)

This episode talks about some pointers, tools and tips towards writing better pentest reports. Download: 7MS #25: Writing Better Pentest Reports (audio)

23 Elo 20148min

7MS #24: Why Wireless Scares Me (audio)

7MS #24: Why Wireless Scares Me (audio)

This episode is all about why you should (probably not) use wireless hotspots, and keeping yourself safe in general when surfing the Web. Download: 7MS #24: Why Wireless Scares Me (audio)

16 Elo 20147min

7MS #23: OSCP – part 2 (audio)

7MS #23: OSCP – part 2 (audio)

In this episode I talk more about my adventures with OSCP and Offensive Security! . Download: 7MS #23: OSCP – part 2 (audio) Show notes: I recommend documenting ALL the exercises in the PDF. My understanding is that extra effort could be rewarded if you don’t do so hot on your final exam. Buffer overflows make…

9 Elo 20147min

7MS #22: Phishing with Black Squirrel (audio)

7MS #22: Phishing with Black Squirrel (audio)

In this episode I talk about using Black Squirrel to launch phishing campaigns! Download: 7MS #22: Phishing with Black Squirrel (audio) Show notes: Security Weekly is an excellent podcast/resource. Devour it regularly. Black Squirrel is the main tool discussed in this podcast. I’ve been using it for phishing campaigns and it’s been excellent in that capacity.

27 Heinä 20147min

7MS #21: OSCP – part 1 (audio)

7MS #21: OSCP – part 1 (audio)

In this episode I talk about my venture into Offensive Security! . Download: 7MS #21: OSCP – part 1 (audio) Show notes: It’s official – I have a death wish and have started the OSCP training. This episode is the first of what I hope will be a multi-part, spoiler-free series about my experience with OSCP. With…

20 Heinä 20147min

7MS #20: Moving from GoDaddy to DNSimple (audio)

7MS #20: Moving from GoDaddy to DNSimple (audio)

In this episode I talk about why I’m pulling my domains from GoDaddy, and making DNSimple their new home. Download: 7MS #20: Moving from GoDaddy to DNSimple (audio) Show notes: The service I’m talking about in this podcast is DNSimple. Troy Hunt‘s humorous/awesome article pushed me over the edge and convinced me to give DNSimple a…

15 Heinä 20147min

7MS #19: Kioptrix! (audio)

7MS #19: Kioptrix! (audio)

In this episode I talk about a deliciously vulnerable series of VMs called Kioptrix, and how you can use them to sharpen your pentesting skills. Download: 7MS #19: Kioptrix! (audio) Show notes: The Kioptrix series of VMs is here: http://www.kioptrix.com/blog/test-page/ and here: http://vulnhub.com/?q=kioptrix&sort=date-des&type=vm. Got approved for my OSCP training and I start it in a few…

5 Heinä 20147min

7MS #18: Wireless Security 101 (audio)

7MS #18: Wireless Security 101 (audio)

In this episode I talk about some wireless security basics that we’re not seeing when out on assessments. Download: 7MS #18: Wireless Security 101 (audio) Show notes: WEP encryption is very, very bad. It’s easy to crack. Don’t use it. Wifite will demonstrate how easy it is to crack WEP. Stronger encryption such as WPA/WPA2…

22 Kesä 20147min

Suosittua kategoriassa Politiikka ja uutiset

ootsa-kuullut-tasta-2
rss-podme-livebox
rss-ootsa-kuullut-tasta
aikalisa
politiikan-puskaradio
rss-vaalirankkurit-podcast
et-sa-noin-voi-sanoo-esittaa
otetaan-yhdet
aihe
rikosmyytit
rss-sinivalkoinen-islam
the-ulkopolitist
rss-raha-talous-ja-politiikka
rss-mina-ukkola
politbyroo
radio-antro
rss-kaikki-uusiksi
rss-hyvaa-huomenta-bryssel
rss-merja-mahkan-rahat
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset