7MS #445: Certified Red Team Professional
7 Minute Security9 Dec 2020

7MS #445: Certified Red Team Professional

Welp, I need another certification like I need a hole in the head, but that didn't stop me from signing up for the Certified Red Team Professional. So I've started a series on sharing what I'm learning as I proceed through the certification path. (We're also talking about this on the 7MS forums)

Here are some of the highlights from week 1:

  • Boy oh boy is PowerView handy for extracting juicy info out of Active Directory. It works well when served with a side order of the Microsoft signed DLL for the ActiveDirectory PowerShell module

  • I wouldn't say this course is for beginners. You will get some high level intro to PowerShell, Active Directory and pentesting, but you will need to do a ton of self-study and banging around in the lab to fill in some skill gaps.

  • When trying to pop a Jenkins box, I learned about a few new helpful tools I'd never played with before:

    • HFS - simple HTTP file server
    • Powercat - for catching shells!

Then on a personal front, I have a few updates to share as well:

  • The Thanksgiving surprise that brought tears to my eyes

  • The new piece of exercise equipment in the Johnson household that made my wife reach for a barf bag

  • A mysterious sound in the house that lead to the discovery of dead things over Thanksgiving break

Avsnitt(706)

7MS #113: Big Bag of Random Security Stuff

7MS #113: Big Bag of Random Security Stuff

Yep, this episode is EXACTLY what the title implies.

27 Nov 201510min

7MS #112: This is Sparta!

7MS #112: This is Sparta!

This episode is about one of my favorite enumeration tools called Sparta - it's built right into Kali 2. And maybe it was in Kali 1 and I totally missed it. But whatevs. I'm happy to have found it now!

25 Nov 20158min

7MS #111: Hacking WPA Enterprise-Part 2

7MS #111: Hacking WPA Enterprise-Part 2

The thrilling (?) conclusion of my experience hacking WPA Enterprise.

20 Nov 20156min

7MS #110: Hacking WPA Enterprise-Part 1

7MS #110: Hacking WPA Enterprise-Part 1

This episode is about my experience hacking WPA enterprise. Huge mega tiger uppercut thanks to this site for giving me the fixes I needed to get this working on Kali2! https://warroom.securestate.com/index.php/evil-twin-attack-using-hostapd-wpe/

17 Nov 20158min

7MS #109: OFFTOPIC-It Follows and Backcountry

7MS #109: OFFTOPIC-It Follows and Backcountry

Movie reviews of It Follows and Backcountry.

13 Nov 20157min

7MS #108: I'm Going to PWAPT!-Part 2

7MS #108: I'm Going to PWAPT!-Part 2

Here's part 2 (of probably several to come) about my experience with PWAPT (Practical Webapp Pentesting) training last week!

11 Nov 201510min

7MS #107: I'm Going to PWAPT!

7MS #107: I'm Going to PWAPT!

Hey I'm going to PWAPT this week (http://www.eventbrite.com/e/practical-web-application-penetration-testing-with-tim-tomes-lanmaster53-tickets-16718889649), so in this episode I talk about that...and how I'll probably be too info-overloaded to record anything on Thursday :-). Oh, and I had a fun Web app pentest this week that I wanted to share some fun bits on.

3 Nov 20157min

7MS #106: A Day in the Life of an Information Security Analyst

7MS #106: A Day in the Life of an Information Security Analyst

A listener wrote in asking some questions about "a day in the life of" a security analyst, so here's my best stab at it!

30 Okt 201510min

Populärt inom Politik & nyheter

svenska-fall
aftonbladet-krim
motiv
p3-krim
flashback-forever
fordomspodden
rss-viva-fotboll
aftonbladet-daily
politiken
rss-sanning-konsekvens
rss-krimstad
rss-vad-fan-hande
spar
rss-frandfors-horna
olyckan-inifran
dagens-eko
blenda-2
rss-krimreportrarna
rss-expressen-dok
rss-flodet