7 Minute Security
7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.
Episodes
Today I share some tips on creating a better purple team experience for your customers, including:
- Setting up communication channels and cadence
- Giving a heads-up on highs/criticals during testing (not waiting until report time)
- Where appropriate, record videos of attacks to give them more context
In today’s tale of pentest pwnage I talk about a cool ADCS ESC3 attack – which I also did live on this week’s Tuesday TOOLSday. I also talk about Exegol’s licensing plans (and how it might break your pentest deployments if you use ProxmoxRox).
Today I share some tips on presenting a wide variety of content to a wide variety of audiences, including:
- Knowing your audience before you touch PowerPoint
- Understanding your presentation physical hookups and presentation surfaces
- A different way to screen-share via Teams that makes resolution/smoothness way better!
Hi everybody. Today I take it easy (because my brain is friend from the short week) to tell you about the time I think my HP laptop was compromised at the factory!
Today’s fun tale of pentest pwnage discuss an attack path that would, in my opinion, probably be impossible to detect…until it’s too late.
Hey friends! Today Joe “The Machine” Skeen and I tackled GOAD (Game of Active Directory) again – this time covering:
- SQL link abuse between two domains
- Forging inter-realm TGTs to conquer the coveted sevenkingdoms.local!
Join us next month when we aim to overtake essos.local, which will make us rulers over all realms!
Today’s tale of pentest pwnage is another great one! We talk about:
- The SPNless RBCD attack (covered in more detail in this episode)
- Importance of looking at all “branches” of outbound permissions that your user has in BloodHound
- This devilishly effective MSOL-account-stealing PowerShell script (obfuscate it first!)
- A personal update on my frustration with ringing in my ears
Today we’re excited to release ProxmoxRox – a repo of info and scripts to help you quickly spin up Ubuntu and Windows VMs. Also, some important news items:
- 7MinSec.club in-person meeting is happening Wednesday, May 14! More details here.
- We did our second Tuesday TOOLSday this week and showed you some local privesc techniques when you have local admin on an endpoint
Today’s a fun tale of pentest pwnage where we leveraged a WinRM service ticket in combination with the shadow credentials attack, then connected to an important system using evil-winrm and make our getaway with some privileged Kerberos TGTs! I also share an (intentionally) vague story about a personal struggle I could use your thoughts/prayers/vibes with.
Hello! This week Joe “The Machine” Skeen and I kicked off a series all about pentesting GOAD (Game of Active Directory). In part one we covered:
- Checking for null session enumeration on domain controllers
- Enumerating systems with and without SMB signing
- Scraping AD user account descriptions
- Capturing hashes using Responder
- Cracking hashes with Hashcat
Hi friends, today I’m kicking off a series talking about the good/bad/ugly of hosting security services. Today I talk specifically about transfer.zip. By self-hosting your own instance of transfer.zip, you can send and receive HUGE files that are end-to-end encrypted using WebRTC. Sweet! I also supplemented today’s episode with a short live video over at 7MinSec.club.
Hi friends, in this edition of what I’m working on this week:
- 3 pulse-pounding pentests that had…problems
- Something I’m calling the unshadow/reshadow credentials attack
- Heads-up on a new video experiment I’m going to try next week
Hola friends! Today’s tale of pentest pwnage talks about abusing Exchange and the Azure ADSync account! Links to the discussed things:
- adconnectdump – for all your ADSync account dumping needs!
- Adam Chester PowerShell script to dump MSOL service account
- dacledit.py (part of Impacket) to give myself full write privileges on the MSOL sync account: dacledit.py -action ‘write’ -rights ‘FullControl’ -principal lowpriv -target MSOL-...
Hey friends, our good buddy Joe “The Machine” Skeen and I are back this week with part 2 (check out part 1!) tackling GOAD SCCM again! Spoiler alert: this time we get DA! YAY!
Definitely check out these handy SCCM resources to help you – whether it be in the lab or IRL (in real life):
- GOAD SCCM walkthrough
- MisconfigurationManager – tremendous resource for enumerating/attacking/privesc-ing within SCCM
- This gist from Adam Ches...
Today we have a smattering of miscellaneous pentest tips to help you pwn all the stuff!
- Selective Snaffling with Snaffler
- The importance of having plenty of dropbox disk space – for redundant remote connectivity and PXE abuse!
- TGTs can be fun for SMB riffling, targeted Snaffling, netexec-ing and Evil-WinRMing!
In today’s episode I talk about what I’m working on this week, including:
- Playing with Sliver C2 and pairing it with ShellcodePack
- Talking about Netexecer, my upcoming tool that helps automate some of the early/boring stuff in an internal pentest
- A gotcha to watch out for if utilizing netexec’s MSSQL upload/download functionality
Today we live-hack an SCCM server via GOAD SCCM using some attack guidance from Misconfiguration Manager! Attacks include:
- Unauthenticated PXE attack
- PXE (with password) attack
- Relaying the machine account of the MECM box over to the SQL server to get local admin
Hi friends, today we're talking about pentesting potatoes (not really, but this episode is sort of a homage to episode 333 where I went to Boise to do a controls assessment and ended up doing an impromptu physical pentest and social engineer exercise). I talk about what a blast I'm having hunting APTs in XINTRA LABS, and two cool tools I'm building with the help of Cursor:
- A wrapper for Netexec that quickly finds roastable us...
Today we continue our journey from last week where we spun up a Hetzner cloud server and Ludus.cloud SCCM pentesting range! Topics include:
- Building a Proxmox Backup Server (this YouTube video was super helpful)
- Bridging a second WAN IP to the Hetzner/Ludus server
- Wrestling with the Hetzner (10-rule limit!) software firewall
- When attacking SCCM – you can get a version of pxethief that runs in Linux!
Popular Podcasts
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!
The World's Most Dangerous Morning Show, The Breakfast Club, With DJ Envy And Charlamagne Tha God!
The official podcast of comedian Joe Rogan.
The latest news in 4 minutes updated every hour, every day.
The Clay Travis and Buck Sexton Show. Clay Travis and Buck Sexton tackle the biggest stories in news, politics and current events with intelligence and humor. From the border crisis, to the madness of cancel culture and far-left missteps, Clay and Buck guide listeners through the latest headlines and hot topics with fun and entertaining conversations and opinions.