Podcast Episodes
Back to SearchEpisode 6: 5 Ways to Get More Value out of your External Penetration Test
Season 1 Episode 6
Are you sure you're getting what you paid for when it comes to external penetration tests? In this podcast Brad and Spencer discuss 5 things that you…
3 years, 10 months ago
9-2-22 Week in Review: Okta Phishing, BEC Analysis, LNK Attacks
Season 100 Episode 17
In this week's review
Roasting 0ktapus: The phishing campaign going after Okta identity credentialsAdvanced BEC Scam Campaign Targeting Executives on …3 years, 10 months ago
Episode 5: Common High Risk Findings on Internal Penetration Tests & How to Mitigate Them
Season 1 Episode 5
It's an unfortunate truth that we see these common high risk findings time and time again on internal pentests. We find these issues on super-maximum…
3 years, 10 months ago
8-26-22 Week in Review: LastPass Breach, Office 365 Abuse, DevSecOps
Season 100 Episode 16
In this week's review
Hackers Breach LastPass Developer System to Steal Source CodeYou Can’t Audit Me: APT29 Continues Targeting Microsoft 365 | Mandi…3 years, 10 months ago
Episode 4: 7 Awesome Ways to Show Off Your Skills as a Pentester
Season 1 Episode 4
In order to stay relevant and up-to-date with new techniques and tools, it requires a certain amount of focus day after day, week after week, year af…
3 years, 10 months ago
8-19-22 Week in Review: Password Snooping, Supply Chain, Cl0p Ransomware
Season 100 Episode 15
In this week's review
Cleartext Shenanigans: Gifting User Passwords to Adversaries With NPPSPYRealtek SDK Vulnerability Exposes RoutersInfoSec Handler…3 years, 10 months ago
Episode 3: It's a Trap! Avoid These 4 Common Pentesting Mistakes
Season 1 Episode 3
This podcast is a discussion about 4 Common Pentesting Mistakes that we oursleves have made and have seen other pentesters make. Hopefully, the dialo…
3 years, 10 months ago
8-12-22 Week in Review: BumbleBee Malware & High Profile Phishing Attacks
Season 100 Episode 14
In this week's review
BumbleBee Roasts Its Way to Domain AdminSMS & Voice Phishing Attackshttps://www.twilio.com/blog/august-2022-social-engineering-a…3 years, 10 months ago
Episode 2: How to Find Passwords on Network Shares Before Attackers Do
Season 1 Episode 2
Brad and Spencer discuss a common finding on internal penetration tests.
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/channel/UCCWmudG…
3 years, 11 months ago
8-5-22 Week in Review: Evasive Phishing, Tricky Malware and Initial Access Brokers
Season 100 Episode 13
In this week's review
Large-Scale AiTM Attack targeting enterprise users of Microsoft email servicesDeception at a scaleInitial Access Brokers Are Key…3 years, 11 months ago