On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Content provided by Brian Johnson. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Brian Johnson or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Similar to 7 Minute Security
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k
200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
A podcast about web design and development.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Daily Deals
7MS #656: How to Succeed in Business Without Really Crying - Part 21
Manage episode 459159204 series 1288763
Content provided by Brian Johnson. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Brian Johnson or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Happy new year friends! Today we talk about business/personal resolutions, including:
- New year’s resolution on the 7MinSec biz side to have a better work/life balance
- New training offering in the works
- Considering Substack as a communications platform
- A mental health booster that I came across mostly by accident
674 episodes
ShareManage episode 459159204 series 1288763
Content provided by Brian Johnson. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Brian Johnson or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Happy new year friends! Today we talk about business/personal resolutions, including:
- New year’s resolution on the 7MinSec biz side to have a better work/life balance
- New training offering in the works
- Considering Substack as a communications platform
- A mental health booster that I came across mostly by accident
674 episodes
All episodes
×
7
7 Minute Security
Hey friends! Today Joe “The Machine” Skeen and I tackled GOAD (Game of Active Directory) again – this time covering: SQL link abuse between two domains Forging inter-realm TGTs to conquer the coveted sevenkingdoms.local! Join us next month when we aim to overtake essos.local, which will make us rulers over all realms!…
7
7 Minute Security
1 7MS #674: Tales of Pentest Pwnage – Part 71 49:00
49:00 
Play Later 
Play Later 
Lists 
Like 
Liked49:00
Play Later Play Later Lists Like LikedToday’s tale of pentest pwnage is another great one! We talk about: The SPNless RBCD attack (covered in more detail in this episode ) Importance of looking at all “branches” of outbound permissions that your user has in BloodHound This devilishly effective MSOL-account-stealing PowerShell script (obfuscate it first!) A personal update on my frustration with ringing in my ears…
Today we’re excited to release ProxmoxRox – a repo of info and scripts to help you quickly spin up Ubuntu and Windows VMs. Also, some important news items: 7MinSec.club in-person meeting is happening Wednesday, May 14! More details here . We did our second Tuesday TOOLSday this week and showed you some local privesc techniques when you have local admin on an endpoint…
7
7 Minute Security
1 7MS #672: Tales of Pentest Pwnage – Part 70 55:07
55:07 Play Later Play Later Lists Like Liked55:07
Play Later Play Later Lists Like LikedToday’s a fun tale of pentest pwnage where we leveraged a WinRM service ticket in combination with the shadow credentials attack, then connected to an important system using evil-winrm and make our getaway with some privileged Kerberos TGTs! I also share an (intentionally) vague story about a personal struggle I could use your thoughts/prayers/vibes with.…
7
7 Minute Security
Hello! This week Joe “The Machine” Skeen and I kicked off a series all about pentesting GOAD (Game of Active Directory) . In part one we covered: Checking for null session enumeration on domain controllers Enumerating systems with and without SMB signing Scraping AD user account descriptions Capturing hashes using Responder Cracking hashes with Hashcat…
7
7 Minute Security
1 7MS #670: Adventures in Self-Hosting Security Services 36:48
36:48 Play Later Play Later Lists Like Liked36:48
Play Later Play Later Lists Like LikedHi friends, today I’m kicking off a series talking about the good/bad/ugly of hosting security services. Today I talk specifically about transfer.zip . By self-hosting your own instance of transfer.zip, you can send and receive HUGE files that are end-to-end encrypted using WebRTC. Sweet! I also supplemented today’s episode with a short live video over at 7MinSec.club .…
7
7 Minute Security
1 7MS #669: What I’m Working on This Week – Part 3 42:37
42:37 Play Later Play Later Lists Like Liked42:37
Play Later Play Later Lists Like LikedHi friends, in this edition of what I’m working on this week: 3 pulse-pounding pentests that had…problems Something I’m calling the unshadow/reshadow credentials attack Heads-up on a new video experiment I’m going to try next week
7
7 Minute Security
1 7MS #668: Tales of Pentest Pwnage – Part 69 30:22
30:22 Play Later Play Later Lists Like Liked30:22
Play Later Play Later Lists Like LikedHola friends! Today’s tale of pentest pwnage talks about abusing Exchange and the Azure ADSync account! Links to the discussed things: adconnectdump – for all your ADSync account dumping needs! Adam Chester PowerShell script to dump MSOL service account dacledit.py (part of Impacket) to give myself full write privileges on the MSOL sync account: dacledit.py -action ‘write’ -rights ‘FullControl’ -principal lowpriv -target MSOL-SYNC-ACCOUNT -dc-ip 1.2.3.4 domain.com/EXCHANGEBOX$ -k -no-pass Looking to tighten up your Exchange permissions – check out this crazy detailed post…
7
7 Minute Security
Hey friends, our good buddy Joe “The Machine” Skeen and I are back this week with part 2 (check out part 1 !) tackling GOAD SCCM again! Spoiler alert: this time we get DA! YAY! Definitely check out these handy SCCM resources to help you – whether it be in the lab or IRL (in real life): GOAD SCCM walkthrough MisconfigurationManager – tremendous resource for enumerating/attacking/privesc-ing within SCCM This gist from Adam Chester will help you decrypt SCCM creds stored in SQL…
7
7 Minute Security
1 7MS #666: Tales of Pentest Pwnage – Part 68 45:35
45:35 Play Later Play Later Lists Like Liked45:35
Play Later Play Later Lists Like LikedToday we have a smattering of miscellaneous pentest tips to help you pwn all the stuff! Selective Snaffling with Snaffler The importance of having plenty of dropbox disk space – for redundant remote connectivity and PXE abuse! TGTs can be fun for SMB riffling, targeted Snaffling, netexec-ing and Evil-WinRM ing!…
7
7 Minute Security
1 7MS #665: What I'm Working on This Week - Part 2 28:49
28:49 Play Later Play Later Lists Like Liked28:49
Play Later Play Later Lists Like LikedHello there friends, I’m doing another “what I’m working on this week” episode which includes: BPATTY v1.6 release – big/cool/new content to share here PWPUSH – this looks to be an awesome way (both paid and free) to securely share files and passwords
7
7 Minute Security
In today’s episode I talk about what I’m working on this week, including: Playing with Sliver C2 and pairing it with ShellcodePack Talking about Netexecer, my upcoming tool that helps automate some of the early/boring stuff in an internal pentest A gotcha to watch out for if utilizing netexec’s MSSQL upload/download functionality…
7
7 Minute Security
Today we live-hack an SCCM server via GOAD SCCM using some attack guidance from Misconfiguration Manager ! Attacks include: Unauthenticated PXE attack PXE (with password) attack Relaying the machine account of the MECM box over to the SQL server to get local admin
7
7 Minute Security
Hi friends, today we're talking about pentesting potatoes (not really, but this episode is sort of a homage to episode 333 where I went to Boise to do a controls assessment and ended up doing an impromptu physical pentest and social engineer exercise). I talk about what a blast I'm having hunting APTs in XINTRA LABS , and two cool tools I'm building with the help of Cursor : A wrapper for Netexec that quickly finds roastable users, machines without SMB signing, clients running Webclient and more. A sifter of Snaffler -captured files to zero in even closer on interesting things such as usernames and passwords in clear text.…
7
7 Minute Security
1 7MS #661: Baby’s First Hetzner and Ludus – Part 2 37:53
37:53 Play Later Play Later Lists Like Liked37:53
Play Later Play Later Lists Like LikedToday we continue our journey from last week where we spun up a Hetzner cloud server and Ludus.cloud SCCM pentesting range! Topics include: Building a Proxmox Backup Server (this YouTube video was super helpful) Bridging a second WAN IP to the Hetzner/Ludus server Wrestling with the Hetzner (10-rule limit!) software firewall When attacking SCCM – you can get a version of pxethief that runs in Linux !…
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Daily Deals
Daily Deals
Similar to 7 Minute Security
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
A podcast about web design and development.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
