7MS #651: Tales of Pentest Pwnage – Part 66
Listen now
Description
Hey friends, we’ve got a short but sweet tale of pentest pwnage for you today. Key lessons learned: Definitely consider BallisKit for your EDR-evasion needs If you get local admin to a box, enumerate, enumerate, enumerate!  There might be a delicious task or service set to run as a domain admin that can quickly escalate your privileges!
More Episodes
Published 11/22/24
Oooooo, giggidy! Today is (once again) my favorite tale of pentest pwnage. I learned about a feature of PowerUpSQL that helped me find a “hidden” SQL account, and that account ended up being the key to the entire pentest!  I wonder how many hidden SQL accounts I’ve missed on past pentests….SIGH!...
Published 11/15/24
Today we take a look at a zero-trust / ditch-your-VPN solution called Twingate (not a sponsor but we’d like them to be)!  It also doubles nicely as a primary or backup connection for your DIY pentest dropboxes which we’ve talked about quite a bit here.  In other news, we’ve moved from Teachable...
Published 11/08/24