7MS #525: First Impressions of InsightIDR - Part 2
7 Minute Security17 Kesä 2022

7MS #525: First Impressions of InsightIDR - Part 2

Today we're sharing an updates to episode #512 where we ran Rapid7's InsightIDR through a bunch of attacks:

  • Active Directory enumeration via SharpHound

  • Password spraying through Rubeus

  • Kerberoasting and ASREPRoasting via Rubeus

  • Network protocol poisoning with Inveigh. Looking for a free way to detect protocol poisoning? Check out CanaryPi.

  • Hash dumping using Impacket. I also talk about an interesting Twitter thread that discusses the detection of hash dumping.

  • Pass-the-hash attacks with CrackMapExec

In today's episode I share some emails and conversations we had with Rapid7 about these tests and their results. I'm also thrilled to share with you the articles themselves:

Jaksot(682)

7MS #2: The Importance of Logging and Alerting! (audio)

7MS #2: The Importance of Logging and Alerting! (audio)

In this episode I talk about how a client of ours learned a hard lesson: that the lack of logging/alerting makes for a pretty miserable investigation after they were breached. Download: Episode 2: The Importance of Logging and Alerting! (audio) Show notes: Public-facing terminal servers without 2FA basically have a sign on their back that…

1 Helmi 20147min

7MS #1: Epic Introduction! (audio)

7MS #1: Epic Introduction! (audio)

In this episode, I talk about the inspiration behind the 7MS podcast and my vision for it going forward. (Admittedly, my ulterior motive is to use this intro episode to figure out how in the heck to get this podcast submitted and visible on iTunes :-). Download Episode 1: Epic Introduction to 7MS (MP3) I’ll…

1 Helmi 20147min

Suosittua kategoriassa Politiikka ja uutiset

rss-podme-livebox
ootsa-kuullut-tasta-2
aikalisa
politiikan-puskaradio
otetaan-yhdet
et-sa-noin-voi-sanoo-esittaa
rss-vaalirankkurit-podcast
rikosmyytit
aihe
rss-mina-ukkola
rss-kaikki-paskaksi-ystavat
rss-hyvaa-huomenta-bryssel
rss-raha-talous-ja-politiikka
rss-kyselytunti
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
politbyroo
the-ulkopolitist
rss-kalevi-sorsa-saation-podcast
rss-suoraan-asiaan
rss-tyolinjalla-pekka-sauri