Evilginx2 is a man-in-the-middle framework that can be utilized to intercept credentials including two-factor methods victims utilize when logging in to a web application. Instead of just duplicating the target web application it proxies traffic to it making the experience seamless to the victim. In this episode Ralph May (@ralphte1) joins Beau Bullock to demo Evilginx2. LINKS: https://github.com/kgretzky/evilginx2 https://breakdev.org/evilginx-2-next-generation-of-phishing-2fa-tokens/

Evilginx2 is a man-in-the-middle framework that can be utilized to intercept credentials including two-factor methods victims utilize when logging in to a web application. Instead of just duplicating the target web application it proxies traffic to it making the experience seamless to the victim. In this episode Ralph May (@ralphte1) joins Beau Bullock to demo Evilginx2. LINKS: <a href="https://github.com/kgretzky/evilginx2" rel="nofollow" target="_blank">https://github.com/kgretzky/evilginx2</a> <a href="https://breakdev.org/evilginx-2-next-generation-of-phishing-2fa-tokens/" rel="nofollow" target="_blank">https://breakdev.org/evilginx-2-next-generation-of-phishing-2fa-tokens/</a>

Evilginx2 Man-in-the-Middle Attacks - Tradecraft Security Weekly #29

This is the Hacker Summer Camp 2018 edition of Tradecraft Security Weekly. In this week's episode Beau Bullock (@dafthack) talks about some of the more interesting items he saw come out of the Black Hat and DEF CON conferences this year. For Show Links: https://wiki.securityweekly.com/TS_Episode28

This is the Hacker Summer Camp 2018 edition of Tradecraft Security Weekly. In this week's episode Beau Bullock (@dafthack) talks about some of the more interesting items he saw come out of the Black Hat and DEF CON conferences this year. For Show Links: <a href="https://wiki.securityweekly.com/TS_Episode28" rel="nofollow" target="_blank">https://wiki.securityweekly.com/TS_Episode28</a>

Black Hat & DEF CON 2018 - Tradecraft Security Weekly #28

Network administrators often utilize Pre-boot Execution Environment (PXE) to rapidly deploy new systems on a network easily. Golden system images can be created with all the software and settings already in place for new systems. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) discusses some of the potential attack vectors surrounding PXE boot deployments. Full Show Notes: https://wiki.securityweekly.com/TS_Episode27

Network administrators often utilize Pre-boot Execution Environment (PXE) to rapidly deploy new systems on a network easily. Golden system images can be created with all the software and settings already in place for new systems. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) discusses some of the potential attack vectors surrounding PXE boot deployments. Full Show Notes: <a href="https://wiki.securityweekly.com/TS_Episode27" rel="nofollow" target="_blank">https://wiki.securityweekly.com/TS_Episode27</a>

PXE Boot Attacks - Tradecraft Security Weekly #27

During the reconnaissance phase of a penetration test being able to discover employee names and email addresses of an organization is extremely important. It is also important to do so as stealthily as possible. Using open-source techniques and tools it is possible to enumerate employee names and email addresses at an organization. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) discusses some of the tools and techniques that can be used to do this. Full Show Notes: https://wiki.securityweekly.com/TS_Episode26

During the reconnaissance phase of a penetration test being able to discover employee names and email addresses of an organization is extremely important. It is also important to do so as stealthily as possible. Using open-source techniques and tools it is possible to enumerate employee names and email addresses at an organization. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) discusses some of the tools and techniques that can be used to do this. Full Show Notes: <a href="https://wiki.securityweekly.com/TS_Episode26" rel="nofollow" target="_blank">https://wiki.securityweekly.com/TS_Episode26</a>

OSINT & External Recon Pt. 2: Contact Discovery - Tradecraft Security Weekly #26

Organizations are implementing two-factor on more and more web services. The traditional methods for phishing credentials is no longer good enough to gain access to user accounts if 2FA is setup. In this episode Mike Felch (@ustayready) and Beau Bullock (@dafthack) demonstrate a tool that Mike wrote called CredSniper that assists in cloning portals for harvesting two-factor tokens. Links: https://github.com/ustayready/CredSniper

Organizations are implementing two-factor on more and more web services. The traditional methods for phishing credentials is no longer good enough to gain access to user accounts if 2FA is setup. In this episode Mike Felch (@ustayready) and Beau Bullock (@dafthack) demonstrate a tool that Mike wrote called CredSniper that assists in cloning portals for harvesting two-factor tokens. Links: <a href="https://github.com/ustayready/CredSniper" rel="nofollow" target="_blank">https://github.com/ustayready/CredSniper</a>

Phishing 2FA Tokens with CredSniper - Tradecraft Security Weekly #25

In this episode of Tradecraft Security Weekly hosts Beau Bullock (@dafthack) and Mike Felch (@ustayready) discuss methods for evading network-based detection mechanisms. Many commercial IDS/IPS devices do a pretty decent job of detecting standard pentesting tools like Nmap when no evasion options are used. Additionally, companies are doing a better job at detecting and blocking IP addresses performing password attacks. Proxycannon is a tool that allows pentesters to spin up multiple servers to proxy attempts through to bypass some of these detection mechanisms. Links:  Nmap Evasion Options - https://nmap.org/book/man-bypass-firewalls-ids.html ProxyCannon - https://www.shellntel.com/blog/2016/1/14/update-to-proxycannon

In this episode of Tradecraft Security Weekly hosts Beau Bullock (@dafthack) and Mike Felch (@ustayready) discuss methods for evading network-based detection mechanisms. Many commercial IDS/IPS devices do a pretty decent job of detecting standard pentesting tools like Nmap when no evasion options are used. Additionally, companies are doing a better job at detecting and blocking IP addresses performing password attacks. Proxycannon is a tool that allows pentesters to spin up multiple servers to proxy attempts through to bypass some of these detection mechanisms. Links: Nmap Evasion Options - <a href="https://nmap.org/book/man-bypass-firewalls-ids.html" rel="noopener nofollow" target="_blank">https://nmap.org/book/man-bypass-firewalls-ids.html</a> ProxyCannon - <a href="https://www.shellntel.com/blog/2016/1/14/update-to-proxycannon" rel="noopener nofollow" target="_blank">https://www.shellntel.com/blog/2016/1/14/update-to-proxycannon</a>

Evading Network-Based Detection Mechanisms - Tradecraft Security Weekly #24

It is fairly common for pentesters to discover Cross-Site Scripting (XSS) vulnerabilities on web application assessments. Exploiting these issues potentially allow access to a user's session tokens enabling attackers to navigate a site as the victim in the context of the web application. In this episode the hosts Beau Bullock (@dafthack) &amp; Mike Felch (@ustayready) demonstrate how to exploit a XSS vulnerability to access HTML5 local storage to steal a cookie. (Sorry the camera video feed froze at 9 minutes)

It is fairly common for pentesters to discover Cross-Site Scripting (XSS) vulnerabilities on web application assessments. Exploiting these issues potentially allow access to a user's session tokens enabling attackers to navigate a site as the victim in the context of the web application. In this episode the hosts Beau Bullock (@dafthack) &amp; Mike Felch (@ustayready) demonstrate how to exploit a XSS vulnerability to access HTML5 local storage to steal a cookie. (Sorry the camera video feed froze at 9 minutes)

HTML5 Storage Exfil via XSS - Tradecraft Security Weekly #23

After getting a shell on a server you may or may not have root access. To gain privileged access to a Linux system it may take performing more analysis of the system to find escalation issues. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) provides a methodology for performing various privilege escalation techniques against Linux-based systems. Full Show Notes: https://wiki.securityweekly.com/TS_Episode22

After getting a shell on a server you may or may not have root access. To gain privileged access to a Linux system it may take performing more analysis of the system to find escalation issues. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) provides a methodology for performing various privilege escalation techniques against Linux-based systems. Full Show Notes: <a href="https://wiki.securityweekly.com/TS_Episode22" rel="nofollow" target="_blank">https://wiki.securityweekly.com/TS_Episode22</a>

Linux Privilege Escalation - Tradecraft Security Weekly #22

In this episode of Tradecraft Security Weekly, Mike Felch discusses with Beau Bullock about the possibilities of using framesets in MS Office documents to send Windows password hashes remotely across the Internet. This technique has the ability to bypass many common security controls so add it to your red team toolboxes.  LINKS: SensePost Blog -  https://www.dropbox.com/s/hmna48mc6qodlrw/TSW%20Episode%2021.mp4?dl=0

In this episode of Tradecraft Security Weekly, Mike Felch discusses with Beau Bullock about the possibilities of using framesets in MS Office documents to send Windows password hashes remotely across the Internet. This technique has the ability to bypass many common security controls so add it to your red team toolboxes. LINKS: SensePost Blog - <a href="https://www.dropbox.com/s/hmna48mc6qodlrw/TSW%20Episode%2021.mp4?dl=0" rel="nofollow" target="_blank"> https://www.dropbox.com/s/hmna48mc6qodlrw/TSW%20Episode%2021.mp4?dl=0</a>

Leaking Windows Creds Externally Via MS Office - Tradecraft Security Weekly #21

Google provides the ability to automatically add events to a calendar directly from emails received by Gmail. This provides a unique situation for phishing attempts as most users haven't been trained to watch their calendar events for social engineering attempts. In this episode Beau Bullock (@dafthack) and Michael Felch (@ustayready) show how to inject events into a targets calendar using MailSniper bypassing some security controls that Google has in place. Links: Blog Post:  https://www.blackhillsinfosec.com/google-calendar-event-injection-mailsniper/

Google provides the ability to automatically add events to a calendar directly from emails received by Gmail. This provides a unique situation for phishing attempts as most users haven't been trained to watch their calendar events for social engineering attempts. In this episode Beau Bullock (@dafthack) and Michael Felch (@ustayready) show how to inject events into a targets calendar using MailSniper bypassing some security controls that Google has in place. Links: Blog Post: <a href="https://www.blackhillsinfosec.com/google-calendar-event-injection-mailsniper/" rel="nofollow" target="_blank"> https://www.blackhillsinfosec.com/google-calendar-event-injection-mailsniper/</a>

Google Event Injection - Tradecraft Security Weekly #20

Want to learn about all of the latest security tools and techniques? This is the show for you! We show you how to install, configure and use a wide variety of security tools for both offense and defense. Whether you are a penetration tester or defending enterprise networks, this show will help you

When pentesting web services or an application that leverage XML files, XML External Entity (XXE) attacks are a great way to start. By injecting an XXE into a well crafted XML payload before it's sent to the server, a penetration tester can trick the parser into executing other actions that the developer never intended. This can lead to reading local files, server-side request forgeries (SSRF) or even gaining remote code execution (RCE). To help penetration testers, Beau Bullock (@dafthack) and Mike Felch (@ustayready) cover a few different methods to attack XML parsers in episode 19 of Tradecraft Security Weekly. Links:  https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Prevention_Cheat_Sheet

When pentesting web services or an application that leverage XML files, XML External Entity (XXE) attacks are a great way to start. By injecting an XXE into a well crafted XML payload before it's sent to the server, a penetration tester can trick the parser into executing other actions that the developer never intended. This can lead to reading local files, server-side request forgeries (SSRF) or even gaining remote code execution (RCE). To help penetration testers, Beau Bullock (@dafthack) and Mike Felch (@ustayready) cover a few different methods to attack XML parsers in episode 19 of Tradecraft Security Weekly. Links: <a href="https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Prevention_Cheat_Sheet" rel="nofollow" target="_blank"> https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Prevention_Cheat_Sheet</a>

Dissecting XXE Attacks - Tradecraft Security Weekly #19

Domain fronting is a technique used to mask command and control (C2) traffic. It is possible for C2 channels to be proxied through CDN's like Cloudfront to make it appear like normal Internet traffic. It is very difficult to detect and block for defenders as it appears as if clients on a network are connecting to valid CDN domains. But, in reality it is transporting a command and control channel. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) is joined by Ralph May (@ralphte1) to talk about what domain fronting is and how to set it up using Cloudfront and PowerShell Empire. Full Show Notes: https://wiki.securityweekly.com/TS_Episode18 LINKS:  https://blog.cobaltstrike.com/2017/02/06/high-reputation-redirectors-and-domain-fronting/ https://signal.org/blog/doodles-stickers-censorship/  https://www.securityartwork.es/2017/01/24/camouflage-at-encryption-layer-domain-fronting/ https://trac.torproject.org/projects/tor/wiki/doc/meek  http://bryceboe.com/2012/03/12/bypassing-gogos-inflight-internet-authentication/

Domain fronting is a technique used to mask command and control (C2) traffic. It is possible for C2 channels to be proxied through CDN's like Cloudfront to make it appear like normal Internet traffic. It is very difficult to detect and block for defenders as it appears as if clients on a network are connecting to valid CDN domains. But, in reality it is transporting a command and control channel. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) is joined by Ralph May (@ralphte1) to talk about what domain fronting is and how to set it up using Cloudfront and PowerShell Empire. Full Show Notes: <a href="https://wiki.securityweekly.com/TS_Episode18" rel="nofollow" target="_blank">https://wiki.securityweekly.com/TS_Episode18</a> LINKS: <a href="https://blog.cobaltstrike.com/2017/02/06/high-reputation-redirectors-and-domain-fronting/" rel="nofollow" target="_blank"> https://blog.cobaltstrike.com/2017/02/06/high-reputation-redirectors-and-domain-fronting/</a> <a href="https://signal.org/blog/doodles-stickers-censorship/" rel="nofollow" target="_blank">https://signal.org/blog/doodles-stickers-censorship/</a> <a href="https://www.securityartwork.es/2017/01/24/camouflage-at-encryption-layer-domain-fronting/" rel="nofollow" target="_blank"> https://www.securityartwork.es/2017/01/24/camouflage-at-encryption-layer-domain-fronting/</a> <a href="https://trac.torproject.org/projects/tor/wiki/doc/meek" rel="nofollow" target="_blank">https://trac.torproject.org/projects/tor/wiki/doc/meek</a> <a href="http://bryceboe.com/2012/03/12/bypassing-gogos-inflight-internet-authentication/" rel="nofollow" target="_blank"> http://bryceboe.com/2012/03/12/bypassing-gogos-inflight-internet-authentication/</a>

Domain Fronting - Tradecraft Security Weekly #18

If you are a penetration tester password cracking is something you will inevitably do. On most engagements we typically don't have months on end to crack passwords. In an effort to help be more efficient in your cracking techniques Beau Bullock (@dafthack) describes various ways to streamline your approach to cracking in episode 17 of Tradecraft Security Weekly. LINKS: Beau's blog post on password cracking - http://www.dafthack.com/blog/howtocrackpasswordhashesefficiently Hashcat Hash Examples - https://hashcat.net/wiki/doku.php?id=example_hashes

If you are a penetration tester password cracking is something you will inevitably do. On most engagements we typically don't have months on end to crack passwords. In an effort to help be more efficient in your cracking techniques Beau Bullock (@dafthack) describes various ways to streamline your approach to cracking in episode 17 of Tradecraft Security Weekly. LINKS: Beau's blog post on password cracking - <a href="http://www.dafthack.com/blog/howtocrackpasswordhashesefficiently" rel="nofollow" target="_blank">http://www.dafthack.com/blog/howtocrackpasswordhashesefficiently</a> Hashcat Hash Examples - <a href="https://hashcat.net/wiki/doku.php?id=example_hashes" rel="nofollow" target="_blank">https://hashcat.net/wiki/doku.php?id=example_hashes</a>

Cracking Password Hashes Efficiently - Tradecraft Security Weekly #17

There are a ton of modules in Metasploit that are extremely useful for performing various attacks post-exploitation. But sometimes there are external tools that you might want to use that are not included in Metasploit. It's possible to proxy other external tools through a Meterpreter session using a module in Metasploit and proxychains. In this episode Derek Banks (@0xderuke) and Beau Bullock (@dafthack) talk about how to pivot external tools through Meterpreter sessions and demo how to dump Kerberos tickets using this method. LINKS: BHIS Toast to Kerberoast Blog - https://www.blackhillsinfosec.com/a-toast-to-kerberoast/

There are a ton of modules in Metasploit that are extremely useful for performing various attacks post-exploitation. But sometimes there are external tools that you might want to use that are not included in Metasploit. It's possible to proxy other external tools through a Meterpreter session using a module in Metasploit and proxychains. In this episode Derek Banks (@0xderuke) and Beau Bullock (@dafthack) talk about how to pivot external tools through Meterpreter sessions and demo how to dump Kerberos tickets using this method. LINKS: BHIS Toast to Kerberoast Blog - <a href="https://www.blackhillsinfosec.com/a-toast-to-kerberoast/" rel="nofollow" target="_blank">https://www.blackhillsinfosec.com/a-toast-to-kerberoast/</a>

Pivoting Tools Through Meterpreter - Tradecraft Security Weekly #16

Session management in web applications is extremely important in regards to securing user credentials and integrity within the application. Sometimes session tokens can be predicted provided the overall randomness is weak. If this is possible a remote attacker may be able to compromise the session of an authenticated user. In this episode of Tradecraft Security Weekly both Beau Bullock (@dafthack) and Mike Felch (@ustayready) discuss the issues associated with creating session tokens with weak entropy.

Session management in web applications is extremely important in regards to securing user credentials and integrity within the application. Sometimes session tokens can be predicted provided the overall randomness is weak. If this is possible a remote attacker may be able to compromise the session of an authenticated user. In this episode of Tradecraft Security Weekly both Beau Bullock (@dafthack) and Mike Felch (@ustayready) discuss the issues associated with creating session tokens with weak entropy.

Identifying Weak Session Tokens Using Entropy - Tradecraft Security Weekly #15

A very common attack that many networks are vulnerable to is called LLMNR or NBT-NS poisoning. Through this attack it is possible to gain access to a user's NTLMv1 or v2 password hash. A more interesting attack can be carried out under the same premise though. Instead of just obtaining a password hash the user's authenticated session to another host can be exploited to run arbitrary code on the server. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) shows how to perform this attack using the PowerShell tool Inveigh.

A very common attack that many networks are vulnerable to is called LLMNR or NBT-NS poisoning. Through this attack it is possible to gain access to a user's NTLMv1 or v2 password hash. A more interesting attack can be carried out under the same premise though. Instead of just obtaining a password hash the user's authenticated session to another host can be exploited to run arbitrary code on the server. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) shows how to perform this attack using the PowerShell tool Inveigh.

Relaying NTLMv1/v2 - Tradecraft Security Weekly #14

There were a lot of amazing new tools and techniques released at Hacker Summer Camp 2017. In this week's episode of Tradecraft Security Weekly Beau Bullock (@dafthack) talks about some of the more interesting items he saw at the Black Hat and DEF CON conferences. Full Show Notes: https://wiki.securityweekly.com/TS_Episode13 LINKS:   Kali Linux Revealed - https://www.kali.org/download-kali-linux-revealed-book/ Spiderlabs Portia - https://github.com/SpiderLabs/portia Duo isthislegit and phimm - https://duo.com/blog/new-open-source-phishing-tools-isthislegit-and-phinn Revoke-obfuscation - https://www.fireeye.com/blog/threat-research/2017/07/revoke-obfuscation-powershell.html &amp; https://github.com/danielbohannon/Revoke-Obfuscation EAPHammer - https://github.com/s0lst1c3/eaphammer Kwetza - https://github.com/sensepost/kwetza Koadic - https://github.com/zerosum0x0/koadic SRDI - https://github.com/monoxgas/sRDI Yasuo - https://github.com/0xsauby/yasuo Printer Exploit Kit - https://www.pcmag.com/news/355256/your-printer-can-steal-and-deface-your-documents &amp; https://github.com/RUB-NDS/PRET 

There were a lot of amazing new tools and techniques released at Hacker Summer Camp 2017. In this week's episode of Tradecraft Security Weekly Beau Bullock (@dafthack) talks about some of the more interesting items he saw at the Black Hat and DEF CON conferences. Full Show Notes: <a href="https://wiki.securityweekly.com/TS_Episode13" rel="nofollow" target="_blank">https://wiki.securityweekly.com/TS_Episode13</a> LINKS:  <ul> <li>Kali Linux Revealed - <a href="https://www.kali.org/download-kali-linux-revealed-book/" rel="nofollow" target="_blank">https://www.kali.org/download-kali-linux-revealed-book/</a></li> <li>Spiderlabs Portia - <a href="https://github.com/SpiderLabs/portia" rel="nofollow" target="_blank">https://github.com/SpiderLabs/portia</a></li> <li>Duo isthislegit and phimm - <a href="https://duo.com/blog/new-open-source-phishing-tools-isthislegit-and-phinn" rel="nofollow" target="_blank">https://duo.com/blog/new-open-source-phishing-tools-isthislegit-and-phinn</a></li> <li>Revoke-obfuscation - <a href="https://www.fireeye.com/blog/threat-research/2017/07/revoke-obfuscation-powershell.html" rel="nofollow" target="_blank">https://www.fireeye.com/blog/threat-research/2017/07/revoke-obfuscation-powershell.html</a> &amp; <a href="https://github.com/danielbohannon/Revoke-Obfuscation" rel="nofollow" target="_blank">https://github.com/danielbohannon/Revoke-Obfuscation</a></li> <li>EAPHammer - <a href="https://github.com/s0lst1c3/eaphammer" rel="nofollow" target="_blank">https://github.com/s0lst1c3/eaphammer</a></li> <li>Kwetza - <a href="https://github.com/sensepost/kwetza" rel="nofollow" target="_blank">https://github.com/sensepost/kwetza</a></li> <li>Koadic - <a href="https://github.com/zerosum0x0/koadic" rel="nofollow" target="_blank">https://github.com/zerosum0x0/koadic</a></li> <li>SRDI - <a href="https://github.com/monoxgas/sRDI" rel="nofollow" target="_blank">https://github.com/monoxgas/sRDI</a></li> <li>Yasuo - <a href="https://github.com/0xsauby/yasuo" rel="nofollow" target="_blank">https://github.com/0xsauby/yasuo</a></li> <li>Printer Exploit Kit - <a href="https://www.pcmag.com/news/355256/your-printer-can-steal-and-deface-your-documents" rel="nofollow" target="_blank">https://www.pcmag.com/news/355256/your-printer-can-steal-and-deface-your-documents</a> &amp; <a href="https://github.com/RUB-NDS/PRET" rel="nofollow" target="_blank">https://github.com/RUB-NDS/PRET</a></li> </ul>

Black Hat & DEF CON 2017 - Tradecraft Security Weekly #13

On penetration tests we are often-times faced with very large external or internal attack surfaces that are made up of multiple web applications. When there is a need to assess thousands of webapps quickly manually navigating each page with a browser would be very inefficient. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) details how to automatically screenshot multiple web applications for quick analysis. Full Show Notes: https://wiki.securityweekly.com/TS_Episode12 LINKS: EyeWitness - https://github.com/ChrisTruncer/EyeWitness  Rawr - https://bitbucket.org/al14s/rawr/wiki/Home  httpscreenshot - https://github.com/breenmachine/httpscreenshot  Peeping Tom - https://bitbucket.org/LaNMaSteR53/peepingtom/  PowerWebShot - https://github.com/dafthack/PowerWebShot

On penetration tests we are often-times faced with very large external or internal attack surfaces that are made up of multiple web applications. When there is a need to assess thousands of webapps quickly manually navigating each page with a browser would be very inefficient. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) details how to automatically screenshot multiple web applications for quick analysis. Full Show Notes: <a href="https://wiki.securityweekly.com/TS_Episode12" rel="nofollow" target="_blank">https://wiki.securityweekly.com/TS_Episode12</a> LINKS: EyeWitness - <a href="https://github.com/ChrisTruncer/EyeWitness" rel="nofollow" target="_blank">https://github.com/ChrisTruncer/EyeWitness</a> Rawr - <a href="https://bitbucket.org/al14s/rawr/wiki/Home" rel="nofollow" target="_blank">https://bitbucket.org/al14s/rawr/wiki/Home</a> httpscreenshot - <a href="https://github.com/breenmachine/httpscreenshot" rel="nofollow" target="_blank">https://github.com/breenmachine/httpscreenshot</a> Peeping Tom - <a href="https://bitbucket.org/LaNMaSteR53/peepingtom/" rel="nofollow" target="_blank">https://bitbucket.org/LaNMaSteR53/peepingtom/</a> PowerWebShot - <a href="https://github.com/dafthack/PowerWebShot" rel="nofollow" target="_blank">https://github.com/dafthack/PowerWebShot</a>

Automating Screenshots to Quickly Assess Many WebApps - Tradecraft Security Weekly #12

Email tends to be the primary communication platform for employees of an organization. Often times sensitive data is transmitted from one internal employee to another via this mechanism with no regard for security. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) shows how to use a PowerShell-based tool called MailSniper to search through the mailboxes of employees at an organization for sensitive data. LINKS: MailSniper - https://github.com/dafthack/MailSniper Office365 Compliance Search - https://msitpros.com/?p=3678 Full Show Notes: https://wiki.securityweekly.com/TS_Episode11

Email tends to be the primary communication platform for employees of an organization. Often times sensitive data is transmitted from one internal employee to another via this mechanism with no regard for security. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) shows how to use a PowerShell-based tool called MailSniper to search through the mailboxes of employees at an organization for sensitive data. LINKS: MailSniper - <a href="https://github.com/dafthack/MailSniper" rel="nofollow" target="_blank">https://github.com/dafthack/MailSniper</a> Office365 Compliance Search - <a href="https://msitpros.com/?p=3678" rel="nofollow" target="_blank">https://msitpros.com/?p=3678</a> Full Show Notes: <a href="https://wiki.securityweekly.com/TS_Episode11" rel="nofollow" target="_blank">https://wiki.securityweekly.com/TS_Episode11</a>

Sensitive Data Discovery in Email with MailSniper - Tradecraft Security Weekly #11

How do you perform incident response on systems in your environment at scale or when the system that needs to be analyzed is in a geographically different location than your analysts? What if you need to do this and have no real budget to work with to use commercial tools? The answer is Google Rapid Response (Google GRR). In this Blue Team Edition Episode of Tradecraft Security Weekly we (@0xderuke &amp; @dafthack) demonstrate retrieving a potentially weaponized spreadsheet from a remote computer system using GRR. LINKS: http://github.com/google/grr

How do you perform incident response on systems in your environment at scale or when the system that needs to be analyzed is in a geographically different location than your analysts? What if you need to do this and have no real budget to work with to use commercial tools? The answer is Google Rapid Response (Google GRR). In this Blue Team Edition Episode of Tradecraft Security Weekly we (@0xderuke &amp; @dafthack) demonstrate retrieving a potentially weaponized spreadsheet from a remote computer system using GRR. LINKS: <a href="http://github.com/google/grr" rel="nofollow" target="_blank">http://github.com/google/grr</a>

Live Response with Google Rapid Response (Blue Team Edition) - Tradecraft Security Weekly #10

Tradecraft is my favorite Security Weekly podcast. The demos are spot on and give immediately useable information. Great job guys and keep it coming!

Best Podcast for Offensive Security

This is the best, most objective and only SW property I can bare to digest.

By far best 'Security Weekly' podcast

Tradecraft Security Weekly (Video)

The best podcast episodes about true crime. For any thrill seeking podcast listeners who just can't get enough of the captivating stories of murderers and criminals. This topic has all the best episodes from many different true crime podcasts.  Add episodes you're interested into your queue below!

Best True Crime Podcasts

The best podcasts on investing. For anyone interested in the stories in the investing industry, whether it's an interview with Ray Dalio or Ed Thorp to the writer of The Big Short. This topic includes the most fascinating stories from all the best investors. Add episodes you're interested into your queue below!