7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.
https://7ms.us/
Gesamtlänge aller Episoden: 10 days 22 hours 50 minutes
7MS #590: Hacking Billy Madison - Part 2
Today my and I continued hacking (see part one ) and learned some interesting things: You can fuzz a URL with a specific file type using a format like this: wfuzz -c -z file,/root/Desktop/wordlist.txt --hc 404...
7MS #589: Tales of Pentest Pwnage - Part 51
In today's tale of pentest pwnage we talk about: The importance of local admin and how access to even one server might mean instant, full control over their backup or virtualization infrastructure Copying files via WinRM when copying...
7MS #588: Becoming a Sysmon Sensei with Amanda Berlin
Today Amanda Berlin from teaches us how to unlock the power of Sysmon so we can gain insight into the good, bad and ugly things happening on our corporate endpoints! Key takeaways: turns your windows logging up to 11, and pairs...
7MS #587: Hacking Billy Madison
Today my pal Paul from and I hack the heck out of a vulnerable virtual machine that is celebrating its 7th anniversary this month!
7MS #586: DIY Pentest Dropbox Tips – Part 8
Today, sadly, might be the last episode of DIY pentest dropbox tips for a while because I found (well, ChatGPT did actually) the missing link to 100% automate a Kali Linux install! Check for more info on building your Kali preseed file, but...
7MS #585: DIY Pentest Dropbox Tips – Part 7
Hey friends, today I'm super excited to share I found the missing link! Specifically, the missing piece that now allows me to create fully automated Windows 10 installs that serve as virtual pentest jumpboxes. Here are the high points: When...
7MS #584: Tales of Pentest Pwnage - Part 50
In today's tale of pwnage, we'll talk about how domain trusts can be dangerous because they have...well...trust issues.
7MS #583: Cred-Capturing Phishing with Caddy Server
Today we talk about crafting cool cred-capturing phishing campaigns with ! Here's a quick set of install commands for Ubuntu: sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl -1sLf...
7MS #582: Using Wazuh as a SIEM for Work and Home
Today we had a blast playing with as a SIEM you can use for work and/or home. Inspiration for this episode came from . This one-liner will literally get Wazuh installed in about 5 minutes: curl -sO...
7MS #581: Tales of Pentest Pwnage - Part 49
Oooo, giggidy! Today's tale of pentest pwnage is about pwning vCenter with CVE-2021-44228 - a vulnerability that lets us bypass authentication entirely and do/take what we want from vCenter! Key links to make the magic happen: