7MS #334: IT Security Horrors That Keep You Up at Night

In today's episode we talk about Purple Knight, a free tool to help assess your organization's Active Directory security. I stuck Purple Knight in our Light Pentest LITE pentest training lab and did a...

1 Juli 202252min

Today's another fun tale of pentest pwnage - specifically focused on cracking a hash type I'd never paid much attention to before: cached domain credentials. I also learned that you can at least parti...

24 Juni 202234min

Today we're sharing an updates to episode #512 where we ran Rapid7's InsightIDR through a bunch of attacks: Active Directory enumeration via SharpHound Password spraying through Rubeus Kerberoas...

17 Juni 202233min

I'm extra psyched today, because today's episode (which is all about updating your VMWare ESXi version via command line) is complemented by video: https://www.youtube.com/watch?v=0-XAO32LEPY Shortly ...

10 Juni 202233min

Well friends, it has been a while since we talked about Microsoft's awesome Local Administrator Password Solution - specifically, the last time was way back in 2017! Lately I've been training some com...

3 Juni 202238min

Hey friends, a while back in episode #505 we talked about pwning wifi PSKs and PMKIDs with Bettercap. Today I'm revisiting that with even some more fun command line kung fu to help you zero in on just...

27 Maj 202235min

Hey friends! Today's another swell tale of pentest pwnage, and it's probably my favorite one yet (again)! This tale involves resource based constrained delegation, which is just jolly good evil fun! H...

20 Maj 202257min

Hey friends, today we're giving another peek behind the curtain of what it's like to run a cybersecurity consultancy. Topics include: Setting the right communication cadence - and communication chan...

13 Maj 202248min