7 Minute Security cover art

7 Minute Security

7 Minute Security

By: Brian Johnson
Listen for free

About this listen

 7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.Brian Johnson Politics & Government
Episodes
  • 7MS #681: Pentesting GOAD – Part 3

    7MS #681: Pentesting GOAD – Part 3
    Jun 27 2025

    Today Joe “The Machine” Skeen and I pwn the third and final realm in the world of GOAD (Game of Active Directory): essos.local! The way we go about it is to do a WinRM connection to our previously-pwned Kingslanding domain, coerce authentication out of MEEREEN (the DC for essos.local) and then capture/abuse the TGT with Rubeus! Enjoy.
    Show More Show Less
    18 mins
  • 7MS #680: Tips for a Better Purple Team Experience

    7MS #680: Tips for a Better Purple Team Experience
    Jun 20 2025

    Today I share some tips on creating a better purple team experience for your customers, including:

    • Setting up communication channels and cadence
    • Giving a heads-up on highs/criticals during testing (not waiting until report time)
    • Where appropriate, record videos of attacks to give them more context
    Show More Show Less
    27 mins
  • 7MS #679: Tales of Pentest Pwnage – Part 73

    7MS #679: Tales of Pentest Pwnage – Part 73
    Jun 13 2025

    In today’s tale of pentest pwnage I talk about a cool ADCS ESC3 attack – which I also did live on this week’s Tuesday TOOLSday. I also talk about Exegol’s licensing plans (and how it might break your pentest deployments if you use ProxmoxRox).
    Show More Show Less
    30 mins
No reviews yet