7MS #261: Blind Network Security Assessments
1 min read Podcast

7MS #261: Blind Network Security Assessments

  • The PwnPulse helps a ton in scanning wired and wireless networks...and even Bluetooth! I've covered the Pulse in past episodes - check out part 1 and part 2.

  • Network Detective will do a ton of helpful Active Directory enumeration and point out potential red flags, such as:

  • Accounts that haven't been logged into for a long time

  • Accounts with passwords that haven't been refreshed in a long time

  • Privileged groups that need review (Domain Admins, Enterprise Admins, etc.)

  • AD policy issues (*warning: by default Network Detective only pulls back a few policies by default. Check out scripts such as my Environment Check to grab a dump of all GPOs.

  • Thycotic Privileged Account Discovery is a free tool that can crawl AD workstations and enumerate the local administrator accounts on each machine. It makes a good case for implementing LAPS.

You might also like...

Jan
19

7MS #607: How to Succeed in Business Without Really Crying - Part 15

1 min read
Jan
12

7MS #606: Hacking OWASP Juice Shop (2024 edition)

1 min read
Jan
05

7MS #605: Navigating the Demands of Tech Leadership with Amanda Berlin of Blumira

1 min read
Jan
01

7MS #604: A Two Tool Teaser

1 min read
Dec
24

7MS #603: Monitoring Your Tailscale Network with Uptime Kuma

1 min read

Popular tags

Podcast Pentesting interviews blue team diy