loader from loading.io

7MS #703: Tales of Pentest Pwnage – Part 79

7 Minute Security

Release Date: 11/28/2025

7MS #731: CARTP – Cloud Red Team Tactics for Attacking and Defending Azure – THE FINAL CHAPTER! show art 7MS #731: CARTP – Cloud Red Team Tactics for Attacking and Defending Azure – THE FINAL CHAPTER!

7 Minute Security

Hey friends! Fair warning: today’s episode is a bit of an emotional rollercoaster — we’ve got a big security win, some honest lab feedback, and a very personal share about my dad’s funeral. Buckle up.  certified, baby! — I’m officially a , courtesy of the folks at . It’s been a long time coming (I originally signed up for the live version and fell off after missing a couple Saturdays), but I came back for the self-paced 30-day version and finally finished the job. The lab experience — the good: — ~25 objectives, a solid lab guide, and a really fun...

info_outline
7MS #730: Baby’s First Project Swarm show art 7MS #730: Baby’s First Project Swarm

7 Minute Security

Hey friends! Still your grieving pal over here, but also your swarming friend and Protecting My Network Edge host — because this week I’ve been tinkering with something called  and I’ve got my diapers on regarding it, but I really, really like what I see so far. Then, fair warning, I flip on the tangent light and verbally barf up some personal stuff at the end. I’ll make the hand-off super clear, so if you want your free security podcast to do exactly what you want and nothing else — totally fair, and you won’t offend me by hopping off. Here’s what we cover: ...

info_outline
7MS #729: Pwning Dracarys show art 7MS #729: Pwning Dracarys

7 Minute Security

Hey friends! Still your grieving pal over here, but also your happy hacking host — because today we’re diving into baby’s first ! (Yes, I’m probably pronouncing that wrong. Yes, I’m going to keep saying it anyway.) Quick housekeeping: A few days ago I published a mini-series episode from our  series, where I shared the news that my dad passed away last Friday. So many of you reached out with condolences — thank you from the bottom of my heart. I’ll share a little life update at the end of this episode. But first — Dracarys! I didn’t know it existed until...

info_outline
7MS #728: Securing Your Family During and After a Disaster – Part 8 show art 7MS #728: Securing Your Family During and After a Disaster – Part 8

7 Minute Security

Hey friends! This is a tough one to write. My dad passed away on Friday, and instead of the hacker-y tech episode I had planned, I pivoted to something more personal — another installment of our “Securing Your Family During and After a Disaster” series. I talk pretty raw and transparently today about loss, grief, and the practical stuff that makes a hard situation just a little less hard. Fair warning: it’s about death and dying, so if that’s not where your head is today, it’s totally okay to duck out – we’ll catch you next week. Here’s what I cover: My dad’s last...

info_outline
7MS #727: Securing Your Mental Health – Part 7 show art 7MS #727: Securing Your Mental Health – Part 7

7 Minute Security

Hello friends! It’s been over a year since we did a dedicated mental health episode, so today I’m doing a big catch-up and running through my 7-point plan for being a more mentally secure me. None of this is professional medical advice (I am most definitely not a doctor or therapist — well, actually, I am in therapy, but that’s tip #5), so take what’s useful and leave what isn’t. Terms and conditions apply. Here’s my current mental health toolkit: Drink a ton of water — I try to chug a full Yeti thermos before my morning mint hot cocoa, then keep it going...

info_outline
7MS #726: Baby’s First Hermes show art 7MS #726: Baby’s First Hermes

7 Minute Security

Hello friends! I’ve been on a bit of an AI agent journey lately, and today I’m sharing my experience ditching OpenClaw and going all-in on  — a self-hosted AI agent built by . A  sold me on it, I wiped my Mac Mini (again), and baby’s first Hermes adventure began! Here’s what we get into today: Why I left OpenClaw — After getting the Mac Mini set up, OpenClaw left me feeling pretty meh: burning through API requests, random mid-conversation shutdowns, and a marketplace where the top listings were flagged as “potentially malicious.” Hard pass....

info_outline
7MS #725: Building a Bulletproof Backup Solution show art 7MS #725: Building a Bulletproof Backup Solution

7 Minute Security

Hey friends! Backups are not as cool as pentesting, but boy do they matter when things go sideways. This week I’m sharing how a Proxmox backup disk space meltdown led me to a completely overhauled — and honestly pretty bulletproof — backup setup for both home and work. Claude played a big role in helping me sort it all out. Here’s what we get into: The backup history tour — I’ve been through CrashPlan, Dropbox, Backblaze (which saved my bacon after my  in 2019!), and a mystery one that may or may not have had “Panda” in the name. These days I’m settled...

info_outline
7MS #724: Tales of Pentest Pwnage - Part 85 show art 7MS #724: Tales of Pentest Pwnage - Part 85

7 Minute Security

Hey friends! Today we’re going deep on external network pentesting — something I realize we’ve barely touched in however many episodes we’ve done. I’m currently in a long stretch of back-to-back external assessments, so it felt like a good time to talk about it. Here’s what we get into: Scoping headaches — why the old “count your public IPs and multiply by a big hourly rate” approach drives me crazy, and how we actually scope external tests to be fair to everyone Web apps in scope or not? — this needs its own conversation before the test starts, and skipping...

info_outline
7MS #723: CARTP - Cloud Red Team Tactics for Attacking and Defending Azure - Part 1 show art 7MS #723: CARTP - Cloud Red Team Tactics for Attacking and Defending Azure - Part 1

7 Minute Security

Hello friends! Today’s a hybrid episode — some security content up top about a new certification I’ve kicked off, followed by an aggressively quick trip to Tangent Town. Feel free to bail after the security stuff if tangents aren’t your thing! The security part: starting CARTP I’ve started the Certified Azure Red Team Professional course from Altered Security (). It’s the Azure follow-up to , which I took a few years back. Quick notes: Why now: Active Directory and internal pentests will always be my first love, but more and more of our customers are...

info_outline
7MS #722: I Turned My Phone Into a Brick show art 7MS #722: I Turned My Phone Into a Brick

7 Minute Security

Hey friends! Quasi-vacation week over here, so today’s episode is lighter and more personal: just a story about how I turned my phone into a “” (kind of) and what that’s done for my mental health over the past week. The product is called Brick (). Not sponsored, no discount code — just something I’ve genuinely been enjoying. It’s a $50 NFC dongle + app that lets you “brick” your time-waster apps until you physically tap the brick again. Here’s what stood out: The physical separation is the magic. Other digital-wellbeing apps just need a code to unlock —...

info_outline
 
More Episodes

Happy Thanksgiving week friends! Today we’re celebrating a turkey and pie overload by sharing another fun tale of pentest pwnage! It involves using pygpoabuse to hijack a GPO and turn it into our pentesting puppet!  Muahahahahaah!!!!  Also:

  • This week over at 7MinSec.club we looked at how to defend against some common SQL attacks
  • We’re very close to offering our brand new LPLITE:GOAD 3-day pentest course (likely in mid-January). It will get announced on 7MinSec.club first, so please make sure you’re subscribed there (it’s free!)
  • Did you miss our talk called Should You Hire AI Run Your Next Pentest?  Check it out on YouTube!