7 Minute Security

7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.

https://7ms.us/

subscribe
share






7MS #489: Ping Castle


Today we're talking about Ping Castle (not a sponsor), an awesome tool for enumerating tons of info out of your Active Directory environment and identifying weaknesses, misconfigurations and paths to escalation! It's wonderful for both red and blue teamers.

Some of Ping Castle's cool features include being able find:

  • Kerberoastable and ASREPRoastable users
  • Plain text passwords lingering in Group Policy Objects
  • Users with never-expiring passwords
  • Non-supported versions of Windows
  • Machines configured with unconstrained delegation
  • Attack and escalation paths to Domain Admins


fyyd: Podcast Search Engine
share








 October 7, 2021  58m