16 min

7MS #302: Bunnies and Bloodhounds
7 Minute Security

I've had a fun week with a mixed bag of security-related stuff happening, so I thought I'd throw it all in a big stew and cook it up for today's episode. Here are the highlights:

Bash bunny preso

I had a fun opportunity this week to speak to some property managers about the threats the Bash Bunny poses to an environment. Specifically I showed the one-two punch of:

    • How BB can steal your wireless network pre-shared keys that are saved to your PC
    • How BB can go into "Responder mode" to capture credentials

From the comfort of my mom's basement I can steal all this stuff, have it emailed to me, then drive up to your parking lot and join your wifi network with valid network creds! Sneaky bunnies FTW!

Bloodhound

I got to run this on a big AD environment this week and the results were super interesting. I'm working on a down and dirty Bloodhound quick start guide for BPATTY (coming soon).

Brian's botched wireless

Lesson learned this week: doing large Nessus scans from your home network can crush your ERX, so scan with care (specifically, go into your Nessus policy and don't scan as many hosts simultaneously - I cranked mine down from like 100 hosts at a time to 5).
