7MS #445: Certified Red Team Professional
7 Minute Security9 Dec 2020

7MS #445: Certified Red Team Professional

Welp, I need another certification like I need a hole in the head, but that didn't stop me from signing up for the Certified Red Team Professional. So I've started a series on sharing what I'm learning as I proceed through the certification path. (We're also talking about this on the 7MS forums)

Here are some of the highlights from week 1:

  • Boy oh boy is PowerView handy for extracting juicy info out of Active Directory. It works well when served with a side order of the Microsoft signed DLL for the ActiveDirectory PowerShell module

  • I wouldn't say this course is for beginners. You will get some high level intro to PowerShell, Active Directory and pentesting, but you will need to do a ton of self-study and banging around in the lab to fill in some skill gaps.

  • When trying to pop a Jenkins box, I learned about a few new helpful tools I'd never played with before:

    • HFS - simple HTTP file server
    • Powercat - for catching shells!

Then on a personal front, I have a few updates to share as well:

  • The Thanksgiving surprise that brought tears to my eyes

  • The new piece of exercise equipment in the Johnson household that made my wife reach for a barf bag

  • A mysterious sound in the house that lead to the discovery of dead things over Thanksgiving break

Avsnitt(720)

7MS #448: Certified Red Team Professional - Part 3

7MS #448: Certified Red Team Professional - Part 3

Today, Gh0sthax and I talk about week 3/4 of the CRTP - Certified Red Team Professional training, and how it's kicking our butts a bit. Key points include: We agree this is not a certification for f...

30 Dec 202048min

7MS #447: Cyber News - The End of 2020 as We Know It Edition

7MS #447: Cyber News - The End of 2020 as We Know It Edition

Merry Christmas! Happy holidays! Please enjoy the last cyber news edition of 2020, brought to us by our good pal Gh0stHax. Stories covered include: You've probably heard this by now, but FireEye had...

23 Dec 202058min

7MS #446: Certified Red Team Professional - Part 2

7MS #446: Certified Red Team Professional - Part 2

Today's episode continues part 1 of our series on the Certified Red Team Professional certification. Key points from today's episode include: It's probably a better idea to run Bloodhound on your lo...

17 Dec 202041min

7MS #444: Interview with Christopher Fielder of Arctic Wolf

7MS #444: Interview with Christopher Fielder of Arctic Wolf

Happy December! Today I virtually sat down with Christopher Fielder of Arctic Wolf, who started his career in security at 18 (I was just playing a lot of video games when I was that old)! Christopher ...

2 Dec 202056min

7MS #443: Cyber News - Thankful for Patches Edition

7MS #443: Cyber News - Thankful for Patches Edition

Happy Thanksgiving! While the turkey and pie settle in your belly, why not also digest some fantastic security news stories with our pal Gh0sthax? Today's stories include: It was another epic month ...

26 Nov 202041min

7MS #442: Tales of Internal Network Pentest Pwnage - Part 23

7MS #442: Tales of Internal Network Pentest Pwnage - Part 23

Hey friends, I dare declare this to be my favorite tale of internal pentest pwnage so far. Why? Because the episode features: Great blue team tools alerting our customer to a lot of the stuff we were...

19 Nov 20201h 9min

7MS #441: SharpGPOAbuse

7MS #441: SharpGPOAbuse

Hello friends! Sorry to be late with this episode (again) but we've been heads-down in a lot of cool security work, coming up for air when we can! Today's episode features: A little welcome music th...

15 Nov 202039min

Populärt inom Politik & nyheter

aftonbladet-krim
rss-krimstad
p3-krim
spar
svenska-fall
aftonbladet-daily
politiken
flashback-forever
rss-expressen-dok
rss-sanning-konsekvens
rss-krimreportrarna
kungligt
ett-rent-noje
rss-vad-fan-hande
motiv
blenda-2
grans
rss-frandfors-horna
rss-flodet
krimmagasinet