7MS #662: Pentesting Potatoes - Part 2
7 Minute Security14 Feb 2025

7MS #662: Pentesting Potatoes - Part 2

Hi friends, today we're talking about pentesting potatoes (not really, but this episode is sort of a homage to episode 333 where I went to Boise to do a controls assessment and ended up doing an impromptu physical pentest and social engineer exercise). I talk about what a blast I'm having hunting APTs in XINTRA LABS, and two cool tools I'm building with the help of Cursor:

  • A wrapper for Netexec that quickly finds roastable users, machines without SMB signing, clients running Webclient and more.
  • A sifter of Snaffler-captured files to zero in even closer on interesting things such as usernames and passwords in clear text.

Episoder(720)

7MS #616: Interview with Andrew Morris of GreyNoise

7MS #616: Interview with Andrew Morris of GreyNoise

Hey friends, today we have a super fun interview with Andrew Morris of GreyNoise to share. Andrew chatted with us about: Young Andrew's early adventures in hacking his school's infrastructure (note:...

22 Mar 202459min

7MS #615: Tales of Pentest Pwnage – Part 54

7MS #615: Tales of Pentest Pwnage – Part 54

Hey friends, sorry I'm so late with this (er, last) week's episode but I'm back! Today is more of a prep for tales of pentest pwnage, but topics covered include: Make sure when you're snafflin' that...

19 Mar 202421min

7MS #614: How to Succeed in Business Without Really Crying - Part 16

7MS #614: How to Succeed in Business Without Really Crying - Part 16

How much fun I had attending and speaking at Netwrix Connect Being a sales guy in conference situations without being an annoying sales guy in conference situations A recap of the talk I co-presented ...

8 Mar 202436min

7MS #613: Tales of Pentest Pwnage – Part 53

7MS #613: Tales of Pentest Pwnage – Part 53

Today's tale of pentest covers: Farming for credentials (don't forget to understand trusted zones to make this happen properly!) Snaffling for juice file shares Stealing Kerberos tickets with Rubeus

1 Mar 202433min

7MS #612: Pentestatonix - Part 2

7MS #612: Pentestatonix - Part 2

Hello friends, we're still deep in the podcast trenches this quarter and wanted to share some nuggets of cool stuff we've been learning along the way: Snaffler – pairs nicely with PowerHuntShares to ...

25 Feb 202432min

7MS #611: Pentestatonix

7MS #611: Pentestatonix

Hey friends, sorry for the late episode but I've been deep in the trenches of pentest adventures.  I'll do a more formal tale of pentest pwnage when I come up for air, but for now I wanted to share so...

19 Feb 202434min

7MS #610: DIY Pentest Dropbox Tips – Part 9

7MS #610: DIY Pentest Dropbox Tips – Part 9

Hey friends, today we cover a funstrating (that's fun + frustrating) issue we had with our DIY pentest dropboxes. TLDL:   The preseed file got jacked because I had a bad Kali metapackage in it. While...

9 Feb 202420min

7MS #609: First Impressions of Sysreptor

7MS #609: First Impressions of Sysreptor

Hey friends, today is a first impressions episode about Sysreptor, which according to their GitHub page, is a fully customisable, offensive security reporting solution designed for pentesters, red tea...

2 Feb 202430min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
forklart
popradet
stopp-verden
fotballpodden-2
rss-gukild-johaug
lydartikler-fra-aftenposten
nokon-ma-ga
det-store-bildet
hanna-de-heldige
dine-penger-pengeradet
rss-ness
rss-espen-lee-usensurert
aftenbla-bla
e24-podden
rss-dannet-uten-piano
rss-penger-polser-og-politikk
frokostshowet-pa-p5