Black Hat & DEF CON 2018 - Tradecraft Security Weekly #28
This is the Hacker Summer Camp 2018 edition of Tradecraft Security Weekly. In this week's episode Beau Bullock (@dafthack) talks about some of the mor...
Tradecraft Security Weekly (Audio)
Share:
Listens: 0
About
Want to learn about all of the latest security tools and techniques? This is the show for you! We show you how to install, configure and use a wide variety of security tools for both offense and defense. Whether you are a penetration tester or defending enterprise networks, this show will help you!
Phishing 2FA Tokens with CredSniper - Tradecraft Security Weekly #25
Organizations are implementing two-factor on more and more web services. The traditional methods for phishing credentials is no longer good enough to ...
Evading Network-Based Detection Mechanisms - Tradecraft Security Weekly #24
In this episode of Tradecraft Security Weekly hosts Beau Bullock (@dafthack) and Mike Felch (@ustayready) discuss methods for evading network-based de...
HTML5 Storage Exfil via XSS - Tradecraft Security Weekly #23
It is fairly common for pentesters to discover Cross-Site Scripting (XSS) vulnerabilities on web application assessments. Exploiting these issues pote...
Leaking Windows Creds Externally Via MS Office - Tradecraft Security Weekly #21
In this episode of Tradecraft Security Weekly, Mike Felch discusses with Beau Bullock about the possibilities of using framesets in MS Office document...
Google Event Injection - Tradecraft Security Weekly 20
Google provides the ability to automatically add events to a calendar directly from emails received by Gmail. This provides a unique situation for phi...
Domain Fronting - Tradecraft Security Weekly #18
Domain fronting is a technique used to mask command and control (C2) traffic. It is possible for C2 channels to be proxied through CDN's like Cloudfro...
Cracking Password Hashes Efficiently - Tradecraft Security Weekly #17
If you are a penetration tester password cracking is something you will inevitably do. On most engagements we typically don't have months on end to cr...
Automating Screenshots to Quickly Assess Many WebApps - Tradecraft Security Weekly #12
On penetration tests we are often-times faced with very large external or internal attack surfaces that are made up of multiple web applications. When...
Situational Awareness with HostRecon - Tradecraft Security Weekly #7
After exploiting a system on a remote & unfamiliar network it is extremely important to gain situational awareness as quickly, and quietly as possible...