7 Minute Security

May 1, 202643m

Hey friends! Today's another Tales of Pentest Pwnage! Quick tangent first on a couple side projects: I've got a music thing at quack.house (like the duck noise, not the drug) and a podcast with my dancer son Atticus at D

Apr 24, 202628m

Hey friends! This week's episode is "Baby's First OpenClaw " – basically me shouting into the void hoping a smart listener will DM me and explain why this thing is supposed to be life-changing. Because right now? I'm a l

Apr 17, 202628m

Hey friends! After last week's heavy episode about my wife's health scare in Punta Cana, today's is a lighter one. (Quick update: she's doing better – still recovering, but appetite's back and she's got some pep again. T

Apr 10, 202648m

Hello friends! Today's episode is a bit of a detour from our usual content — it's part vacation horror story, part security/privacy confession. My wife got seriously ill during our spring break trip to Punta Cana, and in

Apr 3, 202633m

Today is my favorite pentest pwnage tale of 2026 – and maybe ever! It centers around an ADCS abuse via an attack path I'd never seen before. Tips include: Use Netexec to pull Powershell history Trying to steal reg hives

Mar 27, 202620m

Hola friends! Today's another fun tale of pentest pwnage. This time we started with no credentials and then set off on the bumpy journey from no-cred zero to domain admin hero! One specific reference in today's podcast t

Mar 20, 202622m

Hello friends! We're back with a fun tale of internal network pentest pwnage. This one highlights how AI can be used (with some guardrails!) to automate the boring stuff – and even help you pick part DLLs to find gold nu

Mar 13, 202631m

Hello friends, in today's edition of How to Secure Your Community, I give a brief recap of part 1 and part 2 , and then dive into some cool phone shortcuts you can setup so that with a single tap, you can alert friends/f

Mar 6, 202637m

Hello friends. Today's episode piggybacks off of last week 's discussion of Operation Metro Surge and how it has affected the state of Minnesota. I also highly encourage you to read this Rolling Stone article which featu

Feb 27, 202651m

Hello friends, it's good to be back with you. I took a podcast hiatus in January to focus on helping communities affected by Operation Metro Surge . Today I share how my family and community has been affected by it. And

Jan 17, 20264m

Hi friends, I'm going to be taking a break from producing podcast episodes, as well as content over at 7MinSec.club . It's a temporary break, so please don't unsubscribe, unfollow, etc. I need some extra time/energy to i

Jan 10, 202620m

Hey friends, in episode #649 I gave you my first impressions of Twingate . It's been a minute, so I thought I'd revisit Twingate (specifically this awesome Twingate LXC ) and talk about how we're using it to (almost) ent

Jan 2, 202625m

After sharing a recent story about how a phishing campaign went south , I heard feedback from a lot of you. You either commiserated with my story, told me I wussed out, and/or had a difficult story of your own to share.

Dec 26, 202514m

Today we're thrilled to announce the launch of LPLITE:GOAD (Light Pentest Live Interactive Training Experience: Game of Active Directory). The first class is coming up Tuesday, January 27 – Thursday, January 29 (9:00 a.m

Dec 19, 202529m

I'm so excited to share today's tale of pentest pwnage, because it brings back to life a coercion technique I thought wouldn't work against Windows 11! Spoiler alert: check out rpc2efs , as well as the 7MinSec Club episo

Dec 12, 202521m

This might be obvious, but security is not all domain admin dancing and maximum pwnage. Sometimes, despite my best efforts, a security project does a faceplant. Today's episode focuses on a phishing campaign that had ple

Dec 5, 202524m

Hola friends! My week has very much been about trying to turnaround pentest dropboxes as quickly as possible. In that adventure, I came across two time-saving discoveries: Using a Proxmox LXC as a persistent remote acces

Nov 28, 202522m

Happy Thanksgiving week friends! Today we're celebrating a turkey and pie overload by sharing another fun tale of pentest pwnage! It involves using pygpoabuse to hijack a GPO and turn it into our pentesting puppet! Muaha

Nov 21, 202521m

Hello friends, in today's episode I give an audio summary of a talk I gave this week at the MN GOVIT Symposium called "Should You Hire AI to Run Your Next Pentest?" It's not a pro- AI celebration, nor is it an anti- AI b

Nov 14, 202518m

Hello friends! This week I'm talking about what I'm working on this week, including: Preparing a talk called Should You Hire AI to Run Your Next Pentest for the Minnesota GOVIT Symposium . Playing with Lithnet AD passwor

Nov 7, 20258m

Today is episode 700 of the 7MinSec podcast! Oh my gosh. My mom didn't think we could do it, but we did. Instead of a big blowout with huge news, giveaways and special guests, today is a pretty standard issue episode wit

Oct 31, 202530m

Today we discuss some pre-travel tips you can use before hopping on a plane to start a work/personal adventure. Tips include: Updating the family DR/BCP plan Lightening your purse/wallet Validating/testing backups and re

Oct 24, 202524m

Today I give a quick review of the cloud version of ProjectDiscovery (not a sponsor!).

Oct 18, 202513m

Today your pal and mine Joe "The Machine" Skeen pwn one of the two Ninja Hacker Academy domains! This pwnage included: Swiping service tickets in the name of high-priv users Dumping secrets from wmorkstations Disabling A

Oct 10, 202527m

In today's episode: I got a new podcast doodad I really like JitBit as a security ticketing system (not a sponsor) The Threat Hunting with Velociraptor 2-day training was great. Highly recommend. I got inspired to take t