7 Minute Security

By: Brian Johnson
  • Summary

  • 7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.
    Brian Johnson
    Show More Show Less
activate_Holiday_promo_in_buybox_DT_T2
Episodes
  • 7MS #651: Tales of Pentest Pwnage – Part 66
    Nov 22 2024

    Hey friends, we’ve got a short but sweet tale of pentest pwnage for you today. Key lessons learned:

    • Definitely consider BallisKit for your EDR-evasion needs
    • If you get local admin to a box, enumerate, enumerate, enumerate! There might be a delicious task or service set to run as a domain admin that can quickly escalate your privileges!
    Show More Show Less
    31 mins
  • 7MS #650: Tales of Pentest Pwnage - Part 65
    Nov 15 2024

    Oooooo, giggidy! Today is (once again) my favorite tale of pentest pwnage. I learned about a feature of PowerUpSQL that helped me find a “hidden” SQL account, and that account ended up being the key to the entire pentest! I wonder how many hidden SQL accounts I’ve missed on past pentests….SIGH! Check out the awesome BloodHound gang thread about this here.

    Also, can’t get Rubeus monitor mode to capture TGTs to the registry? Try output to file instead:

    rubeus monitor /interval:5 /nowrap /runfor:60 /consoleoutfile:c:\users\public\some-innocent-looking-file.log

    In the tangent department, I talk about a personal music project I’m resurrecting to help my community.

    Show More Show Less
    54 mins
  • 7MS #649: First Impressions of Twingate
    Nov 8 2024

    Today we take a look at a zero-trust / ditch-your-VPN solution called Twingate (not a sponsor but we’d like them to be)! It also doubles nicely as a primary or backup connection for your DIY pentest dropboxes which we’ve talked about quite a bit here. In other news, we’ve moved from Teachable to Coursestack, so if you’ve bought training/ebooks with us before, you should’ve received some emails from us last Friday and can access our new training portal here. (If you THINK you should’ve received enrollment emails from CourseStack and didn’t, drop us a line here.)

    In the tangent portion of our program, I give a health update on my mom and dad, and talk about some resources I’m exploring to reduce stress and anxiety after what has been a tough week for many of us.

    Show More Show Less
    1 hr and 12 mins

What listeners say about 7 Minute Security

Average customer ratings

Reviews - Please select the tabs below to change the source of reviews.