
The InfoSec & OSINT Show

English, Technology, 1 season, 80 episodes, 1 day, 13 hours, 40 minutes
About
The goal of the podcast is to share practical tips of what works and what doesn't in information security. Essentially we turn our guests' wisdom into practical tips you can use to improve your own skills.

Episode 80 | Psychology and Ransomware

In Episode 80, Josh Amishav talks about the psychological warfare that is being waged against various ransomware gangs, developments to Darkside, REvil and Blackmatter, Russia's handling of cyber criminals, using stealer log combo lists as part of your OSINT investigations and more. For more information, including the show notes check out: https://breachsense.io/podcast
11/11/2021, 7 minutes, 30 seconds

Episode 79 | Mastering The Science Behind Social Engineering

In Episode 79, Josh Amishav chats with Mike Murr about the science behind social engineering, micro-expressions, FACS (the Facial Action Coding System), common mistakes made during SE engagements, manipulation techniques and more. For more information, including the show notes check out: https://breachsense.io/podcast
11/4/2021, 37 minutes, 52 seconds

Episode 78 | The 3 Root Causes of Ransomware

In Episode 78, Josh Amishav does a solo adventure to talk about the thought process behind launching the Breachsense Darkweb API. The three main takeaways from the episode are: 1) How ransomware has become a life and death issue 2) What effect shutting down the REvil gang has had and 3) The 3 most common initial attack vectors used in ransomware attacks. For more information, including the show notes check out: https://breachsense.io/podcast
10/28/2021, 9 minutes, 5 seconds

Episode 77 | Collecting Threat Intel For Good

In Episode 77, Josh Amishav talks with Nate Warfield about threat intel, CTI League and cloud risk. My three main takeaways from the episode are: 1) How to use tags to easily search Shodan for systems vulnerable to specific CVEs 2) The most common threats the medical sector faces and 3) A couple of interesting techniques he uses to collect threat intel. For more information, including the show notes check out: https://breachsense.io/podcast
10/21/2021, 23 minutes, 3 seconds

Episode 76 | Automating Attack Surface Management

In Episode 76, Josh Amishav chats with Chris Dale about several techniques to associate a given asset back to a company. Three takeaways from the episode are: 1) How to generate a custom wordlist for brute forcing your target 2) A bunch of methods to correlate associated company assets via things like the DOM, JARM and TLS and 3) How to automate vulnerability discovery. For more information, including the show notes check out: https://breachsense.io/podcast
10/14/2021, 29 minutes, 14 seconds

75 - Jeff Man - From the NSA to PCI

In episode 75, Jeff Man joins us to talk about his time in the NSA, PCI, Hak4Kidz and content creation. My 3 main takeaways were 1) What red teaming was like in the 80s 2) Why PCI gets a bad reputation and 3) His tips for giving great conference talks. For more information, including the show notes check out: https://breachsense.io/podcast 
10/7/2021, 1 hour, 1 minute, 51 seconds

74 - Brett Johnson & Online Crime

In episode 74, Brett Johnson joins us to talk about online crime, social engineering, spear phishing and trust. My 3 main takeaways were 1) How criminals convince us to trust them online 2) Bypassing company policies via social engineering and 3) How to get people to believe fake news and legends over facts. For more information, including the show notes check out: https://breachsense.io/podcast
9/16/2021, 38 minutes, 21 seconds

73 - Higinio Ochoa & Hacking with Anonymous

In episode 73, Higinio Ochoa joins us for a behind the scenes look at his hacking escapades with Anonymous. The same methodology can be used for bug hunting today. My 3 main takeaways were 1) Building target lists at scale 2) His two OpSec mistakes which led to him getting caught and 3) What his must-have hacking tools are now. For more information, including the show notes check out: https://breachsense.io/podcast
9/9/2021, 34 minutes, 47 seconds

72 - Nathan Sweaney & The Future of Privacy

In episode 72, Nathan Sweaney joins us to talk about the future of privacy. My 3 main takeaways were 1) Who's collecting our Bluetooth and Wi-Fi signals 2) How to get your talk accepted to a security con and 3) How he used OSINT to steal (in air quotes) his Twitter handle from a Nazi. For more information, including the show notes check out: https://breachsense.io/podcast
9/2/2021, 36 minutes, 47 seconds

71 - Peter Taylor & Fraud Detection

In episode 71, Peter Taylor "The Fraud Guy" joins us to talk about various aspects of fraud. My 3 main takeaways were 1) The common types of fraud he sees in his investigations 2) How Covid has influenced the fraud space and 3) Why aged shell companies and email addresses are so valuable. For more information, including the show notes check out: https://breachsense.io/podcast
8/26/2021, 29 minutes, 20 seconds

70 - Bob Diachenko & Hunting Open Databases

In episode 70, Volodymyr "Bob" Diachenko joins us to talk about his research around open databases. My 3 main takeaways were 1) How he finds open databases 2) How he stays on the legal side when verifying his research and 3) Some cyber hygiene tips to prevent allowing unauthorized access to your critical infrastructure. For more information, including the show notes check out: https://breachsense.io/podcast
8/19/2021, 38 minutes, 19 seconds

69 - James Linton & The Email Prankster

In episode 69, James Linton joins us to talk about his email pranking days and Business Email Compromise in general. My 3 main takeaways were 1) some tactical tips on how he gained rapport on the initial contact 2) common risks associated with email related fraud and 3) how to protect yourself against email scams. For more information, including the show notes check out: https://breachsense.io/podcast
8/12/2021, 31 minutes, 55 seconds

68 - Christian Espinosa & Tactical Communication

In episode 68, Christian Espinosa joins us to talk about effective communication. My 3 main takeaways were 1) Why we need to stop listening for agreement and instead look for insights 2) how acknowledging yourself plays a critical role in your ability to recognize others' achievements and 3) The advantages of mono-tasking vs multi-tasking. For more information, including the show notes check out: https://breachsense.io/podcast
8/5/2021, 29 minutes, 9 seconds

67 - Evan Francen & Security Fundamentals

In episode 67, Evan Francen hangs out to talk about security fundamentals, communicating risk & passwords. My 3 main takeaways were 1) What a CISO's job actually is when you boil it down 2) How to choose a risk methodology that's right for you and 3) Some of the intricacies involved in secure password management. For more information, including the show notes check out: https://breachsense.io/podcast
7/29/2021, 28 minutes, 51 seconds

66 - Matt Danner & Digital Forensics

In episode 66, Matt Danner joins the show to talk about digital forensics. My 3 main takeaways were 1) How to perform a forensics investigation against Google Storage 2) What the limitations of the Google Drive API are and 3) How to approach iOS and Android devices in an investigation. For more information, including the show notes check out: https://breachsense.io/podcast
7/22/2021, 35 minutes, 49 seconds

65 - Martina Dove PhD & The Psychology of Scams

In episode 65, I talk with Dr. Martina Dove about the psychology behind fraud, persuasion and scam techniques. My 3 main takeaways were 1) What makes some people more susceptible to fraud 2) the techniques scammers use to convince us to take certain actions and 3) What influence factor is the most powerful For more information, including the show notes check out: https://breachsense.io/podcast 
7/15/2021, 34 minutes, 16 seconds

64 - Daniel Cuthbert & Pen Testing with the ASVS

In episode 64, Daniel Cuthbert joins us to talk about the OWASP Application Security Verification Standard. My 3 main takeaways were 1) Why the ASVS will make you a better pen tester and even bounty hunter 2) How to use the ASVS for threat modelling and 3) His tips on getting your talk accepted at a security conference For more information, including the show notes check out: https://breachsense.io/podcast 
7/8/2021, 24 minutes, 21 seconds

63 - Nico "Dutch_Osintguy" Dekens & Leveraging Telegram in OSINT

In episode 63, I talk with Nico Dekens, a.k.a. Dutch_Osintguy, about the dangers of relying on one search engine, Telegram OpSec, browser extensions & more. My 3 main takeaways were 1) When specific search engines will give you better results than others 2) How Telegram can be a better OSINT source than Tor and 3) Search techniques for finding the right keywords and channels on Telegram. For more information, including the show notes check out: https://breachsense.io/podcast
7/1/2021, 30 minutes, 55 seconds

62 - Alissa Knight & Hacking Cars

In episode 62, Alissa Knight, the author of Hacking Connected Cars, joins us to talk about hacking connected cars, APIs, defense as well as vulnerability management. My 3 main takeaways were 1) Where to even begin with car hacking 2) The challenges car manufacturers have when trying to defend against these attacks and 3) How APIs are shaping the future of hacking. For more information, including the show notes check out: https://breachsense.io/podcast
6/24/2021, 35 minutes, 32 seconds

61 - Robert Graham & Large Scale Port Scanning w/Masscan

In episode 61, Robert Graham, the creator of masscan, joins us to talk about running internet wide port scanning the right way. My 3 main takeaways were 1) How to use the banner function correctly 2) How to figure out the fastest rate you can send packets and 3) The most common mistakes Rob sees when folks run masscan. For more information, including the show notes check out: https://breachsense.io/podcast
6/17/2021, 29 minutes, 27 seconds

60 - AJ Yawn & Automating AWS Security

In episode 60, we chat with AJ Yawn about AWS security, compliance in the cloud, choosing an auditor and more. My 3 main takeaways were 1) How to make compliance not suck 2) How to automate security within an AWS environment and 3) What shared responsibility means when managing cloud infrastructure. For more information, including the show notes check out: https://breachsense.io/podcast
6/10/2021, 37 minutes, 52 seconds

59 - Tim Adams & DNS Filtering

In episode 59, Tim Adams joins us this week to talk DNS security, Zero Trust, TLD filtering and more. My 3 main takeaways were 1) How to integrate DNS Response Policy Zones, or RPZs, to prevent access to known bad domains 2) How aged a domain should be, sort of like wine, before trusting it and 3) DNS Tunneling, how to identify it and stop it. For more information, including the show notes check out: https://breachsense.io/podcast
6/3/2021, 21 minutes, 6 seconds

58 - Ryan Dewhurst & Securing WordPress

Ryan Dewhurst joins us this week to talk about all things WPScan. My 3 main takeaways were 1) common mistakes he sees when people run wpscan 2) 3 things you can do to stop 90% of WordPress attacks and 3) His tips on launching a security tool. For more information, including the show notes check out: https://breachsense.io/podcast
5/27/2021, 32 minutes, 2 seconds

57 - Ben Dowling & IP Geolocation

Ben Dowling hangs out this week to talk about IP Geolocation. My 3 main takeaways were 1) how they determine where an IP address is actually located 2) how they deal with massive amounts of crowdsourced geodata and 3) how they attribute IP addresses to specific companies. For more information, including the show notes check out: https://breachsense.io/podcast
5/20/2021, 32 minutes, 40 seconds

56 - Assaf Dahan & Ransomware Trends

In episode 56, Assaf Dahan joins us to talk about ransomware, monetization techniques, attribution and getting started as a malware researcher. My 3 main takeaways were 1) why the double extortion method is so popular 2) how long it takes to exfiltrate our data and 3) the most common initial attack vectors used to infect targets. For more information, including the show notes check out: https://breachsense.io/podcast
5/13/2021, 31 minutes, 2 seconds

55 - Charlie Belmer & NoSQL Injection

This week Charlie Belmer joins the show to chat about NoSQLi, web proxies, cloud security, tips to get started in InfoSec and more. My 3 main takeaways were 1) how SQLi differs from NoSQLi 2) why privacy still matters and 3) How cookieless tracking works and some of the frightening techniques used. For more information, including the show notes check out: https://breachsense.io/podcast
5/6/2021, 34 minutes, 18 seconds

54 - Jeff Foley & Asset Discovery with Amass

This week Jeff Foley hangs out to talk about asset discovery using amass, recon methodologies, hashcat style brute forcing vs. wordlists, extending functionality via the embedded Lua engine and more. My 3 main takeaways were 1) how to find assets that don't share a domain name using JARM 2) how they made scanning faster by essentially lowering the DNS brute forcing query rate and 3) what the future has in store for the project. For more information, including the show notes check out: https://breachsense.io/podcast
4/29/2021, 26 minutes, 51 seconds

53 - hashcat 101

This week we cover a basic introduction to password cracking with hashcat. We cover why rainbow tables are no longer useful, password salts, identifying hash types, wordlists, attack modes, the rules language, secure hashing algorithms, password safes and more. For more information, including the show notes check out: https://breachsense.io/podcast
4/15/2021, 9 minutes, 14 seconds

52 - InfoSec News & Analysis

This week I offer a curated (almost) 5 minute summary of the latest InfoSec news including the Ubiquiti hack, the latest Facebook data leak, PHP's official Git repository hack, GitHub security tool updates, government phishing attacks, a critical netmask NPM vuln, a Spectre/Meltdown mitigation bypass, a zero-click exploit in iOS's Mail, cryptomining Docker images and Microsoft Exchange exploits in the wild. For more information, including the show notes check out: https://breachsense.io/podcast
4/8/2021, 6 minutes, 26 seconds

51 - Jim Manico & Developing Securely

This week Jim Manico joins the show to talk about Cross Site Scripting, CSPs, strict dynamic, trusted types, SameSite cookies, NIST SP 800-63, password shucking and more. My 3 main takeaways were 1) how to do input validation correctly 2) why using nonces in your CSP is safer than creating an allowed list policy and 3) the right way to handle passwords. For more information, including the show notes check out: https://breachsense.io/podcast
4/1/2021, 37 minutes, 4 seconds

50 - pdp (Petko Petkov) & Automating Pownage with PownJS

This week pdp hangs out to chat about PownJS, SecApps, recon tool orchestration and tool development. My 3 main takeaways were 1) how to integrate PownJS into your recon process 2) his recon workflow and 3) Why JavaScript is a great language for quick PoC development. For more information, including the show notes check out: https://breachsense.io/podcast
3/25/2021, 34 minutes, 51 seconds

49 - Gabrielle Botbol & Becoming a Pen Tester

This week Gabrielle Botbol joins the show to talk about getting into the world of pen testing, certs, CTFs, self study resources, report writing, repeatable risk scoring, finding XSS and staying current. My 3 main takeaways were 1) the CTFs you should be practicing on 2) some strategies to gain credibility in the industry and 3) which certs are worth the investment. For more information, including the show notes check out: https://breachsense.io/podcast
3/18/2021, 29 minutes, 43 seconds

48 - Paulino Calderón & Practical IoT Hacking

This week Paulino Calderón joins the show to chat about his methodology for finding bugs in IoT devices, using Lua for quick exploit development, alarming vulnerabilities he found in a smart water bottle, extending Nmap's functionality and his tips for starting a security business. For more information, including the show notes check out: https://breachsense.io/podcast
3/11/2021, 30 minutes, 58 seconds

47 - Christian Folini & The Core Rule Set

This week Christian Folini hangs out to talk about protecting web apps with the OWASP Core Rule Set, getting into the security industry, impedance mismatch and anomaly scoring. My 3 main takeaways were 1) how RASPs compare to WAFs 2) how paranoia levels are used to eliminate false positives and 3) how the Swiss Post used the CRS to protect a vulnerable online voting system. For more information, including the show notes check out: https://breachsense.io/podcast
3/4/2021, 40 minutes, 31 seconds

46 - InfoSec News & Analysis

This week we change things up a bit and review a curated (almost) 5 minute summary of the latest InfoSec news including SolarWinds sanctions, language supply chain attacks, Egregor ransomware as a service, N.Korean crypto theft, vuln exploitation in the wild, Mexican politicians and ATM skimming, a new password manager, legal use of look-alike domains, rogue Yandex employees and SIM swapping attacks. For more information, including the show notes check out: https://breachsense.io/podcast
2/25/2021, 6 minutes, 50 seconds

45 - John Hammond & Hacking CTFs

This week John Hammond joins the show to talk about hacking with Python, certs vs degrees, avoiding rabbit holes and the differences between various flavors of CTFs. My 3 main takeaways were 1) how to get started with capture the flag competitions 2) dealing with burnout and 3) his methodology to analyze malware. For more information, including the show notes check out: https://breachsense.io/podcast
2/18/2021, 32 minutes, 34 seconds

44 - Ted Harrington & Doing Application Security Right

This week Ted Harrington hangs out to talk about hacking passive medical devices, predicting Ethereum private keys and exploiting business logic flaws. My 3 main takeaways were 1) Ted's 6 fundamentals of security testing 2) How to do threat modelling right and 3) His advice for starting a security company. For more information, including the show notes check out: https://breachsense.io/podcast
2/11/2021, 37 minutes, 42 seconds

43 - Robert "RSnake" Hansen & The Future of Data Privacy

This week Robert Hansen joins us to talk about privacy as a service, search engine and VPN privacy, the future of cyber-insurance, asset discovery, hackers.org and some tips on starting a security business. My 3 main takeaways were 1) the future of data privacy 2) How he used snapshots of the internet to predict stock prices and 3) what security controls he would do differently if he ran hackers.org today. For more information, including the show notes check out: https://breachsense.io/podcast
2/4/2021, 55 minutes, 17 seconds

42 - Charles Shirer & Pen Testing with No Money Down

This week Charles Shirer joins us to talk about pen testing, OSINT and how he got started in security. My 3 main takeaways were 1) when to use SecBSD as an alternative to Kali 2) How to approach pen testing APIs as opposed to web apps and 3) some tactical tips on maintaining your mental health when dealing with the pressures of InfoSec. For more information, including the show notes check out: https://breachsense.io/podcast
1/28/2021, 30 minutes, 34 seconds

41 - Chris Hadnagy & Human Hacking

This week Chris Hadnagy joins us to talk about the psychology behind social engineering, choosing effective pretexts, as well as the science behind how we make decisions. My 3 main takeaways were 1) how to identify personality types and communicate effectively using DISC 2) how oxytocin and amygdala hijacking influence our behavior and 3) How to get started in a career as a social engineer. For more information, including the show notes check out: https://breachsense.io/podcast
1/21/2021, 33 minutes, 2 seconds

40 - Fabio Viggiani & Supply Chain Attacks

This week Fabio Viggiani hangs out to talk about supply chain attacks, ransomware, mapping your software dependencies and assuming breach. My 3 main takeaways were 1) his insights into reverse engineering the SolarWinds Orion malware 2) Up-and-coming trends he sees in ransomware and 3) how he runs incident response investigations. For more information, including the show notes check out: https://breachsense.io/podcast
1/14/2021, 35 minutes, 3 seconds

39 - Josh Sokol & Managing Risk Simply

This week Josh Sokol joins the show to talk about managing risk with a focus on keeping it simple, turning a free open source project into a business and his suggestions on how to get started in InfoSec. My 3 main takeaways were 1) the three components of risk mitigation 2) the different levels of maturity within risk management programs and 3) his process for ensuring his codebase is secure. For more information, including the show notes check out: https://breachsense.io/podcast
1/7/2021, 35 minutes, 45 seconds

38 - Tyrone Wilson & Breaking Into the Security Industry

This week Tyrone Wilson hangs out to talk about breaking into the security industry, passive OSINT and starting a security business. My 3 main takeaways were 1) how to use free tools to gain experience before joining a SOC 2) how he used OSINT to find his biological father and 3) how to maintain your privacy when using exercise apps. For more information, including the show notes check out: https://breachsense.io/podcast
12/17/2020, 27 minutes, 31 seconds

37 - Jenny Radcliffe & People Hacking

This week Jenny Radcliffe joins the show to talk about social engineering. My 3 main takeaways were 1) which influence factors are most useful in specific situations like in person social engineering vs phishing emails 2) reading micro-expressions in context and understanding their limitations and 3) how to protect yourself against social engineering attacks. For more information, including the show notes check out: https://breachsense.io/podcast
12/10/2020, 36 minutes, 58 seconds

36 - Tracy Maleeff & Empathy Based InfoSec

This week Tracy Maleeff hangs out to talk about using empathy to improve your InfoSec investigations. My 3 main takeaways were 1) how to corroborate OSINT findings before drawing a conclusion 2) how to communicate technical issues to a non-technical audience and 3) some tactical tips on using empathy to discover new information. For more information, including the show notes check out: https://breachsense.io/podcast
12/3/2020, 40 minutes, 8 seconds

35 - Ed Bellis & Risk Based Vulnerability Management

This week Ed Bellis joins the show to talk about risk based vulnerability management. My 3 main takeaways were 1) which factors you should take into consideration when prioritizing vulnerability remediation 2) the effects that public exploit code has on remediation efforts and 3) how organizations can improve their threat prioritization by using their own threat intel in their risk assessments. For more information, including the show notes check out: https://breachsense.io/podcast
11/26/2020, 33 minutes, 22 seconds

34 - John Strand & Moving Beyond 0-Days

This week John Strand joins the show to talk about pen testing in the age of Corona, bypassing multi-factor authentication, dealing with ransomware and starting a security business. My 3 main takeaways were 1) why 0-days don't matter 2) how to bypass identity services like Okta and 3) the one guiding rule for creating a security business. For more information, including the show notes check out: https://breachsense.io/podcast
11/19/2020, 36 minutes, 37 seconds

33 - Tanya Janca & Coding Securely

This week Tanya Janca hangs out to talk about secure coding, supply chain security and her new book 'Alice and Bob Learn Application Security'. My 3 main takeaways were 1) how to choose the right language to develop in when starting a project 2) why we should get rid of as many different JavaScript frameworks as possible within our code base and 3) what drives someone to write a computer security book. For more information, including the show notes check out: https://breachsense.io/podcast
11/12/2020, 32 minutes, 41 seconds

32 - Or Katz & Phishing Evasion Techniques

This week Or Katz joins us to share his research into novel phishing evasion techniques seen in the wild. My 3 main takeaways were 1) What the most popular methods to propagate phishing attacks are 2) what signals can help determine if complicated code is malicious or not and 3) How to handle potentially malicious users when we don't have enough information to understand their true intentions. For more information, including the show notes check out: https://breachsense.io/podcast
11/5/2020, 35 minutes, 16 seconds

31 - Chris Rock & Cyber Mercenaries

This week Chris Rock shares his story as well as some techniques he's used as a cyber mercenary. My 3 main takeaways were 1) why 0-days are rarely needed, 2) spear-phishing as the most efficient technique for the initial compromise and 3) why the easiest path to your target may be by hacking someone else, like their accountant. For more information, including the show notes, check out https://breachsense.io/podcast
10/29/2020, 28 minutes, 9 seconds

30 - Hakluke & The Bug Bounty Mindset

This week Hakluke shares some mindset tweaks and tactical advice on how to improve your bug bounty hunting. My 3 main takeaways were 1) why the abundance mindset is so important, 2) what we can learn from the similarities between the music industry and bounty hunting and 3) why collaboration is so important. For more information, including the show notes, check out https://breachsense.io/podcast
10/22/2020, 31 minutes, 39 seconds

29 - Katie Moussouris & Running Bug Bounties

This week Katie Moussouris hangs out to talk about both the advantages and the challenges of running bug bounty programs. My 3 main takeaways were when companies should choose a bounty as opposed to a pen test, where a company should be operationally before launching a program and how companies should prepare before launching their bug bounty program. For more information, including the show notes, check out https://breachsense.io/podcast
10/15/2020, 31 minutes, 21 seconds

28 - STÖK and Hunting Bug Bounties

This week STÖK joins us to talk about how he approaches bug bounties. My 3 main takeaways were why you should specialize in a couple of specific bug types, why you should constantly scan a multitude of bounty programs and why you should hack with a team. For more information, including the show notes, check out https://breachsense.io/podcast
10/8/2020, 30 minutes, 51 seconds

27 - Joona Hoikkala and Advanced FFuF Scanning

This week Joona Hoikkala joins us to talk about some of the advanced features of ffuf. My 3 main takeaways were why you should use a VPS for running scans and how to integrate an external ffuf scan into your local Burp instance, why you should use filters instead of the default pattern matcher to remove false positives, and what cool functionality he's working on to enhance ffuf's capabilities. For more information, including the show notes, check out https://breachsense.io/podcast
10/1/2020, 29 minutes, 1 second

26 - James Kettle and Becoming a Security Researcher

This week James Kettle joins the show to talk about the methodology he uses to find really novel, widespread vulnerabilities that break the internet. My 3 main takeaways were what techniques he uses to decide which research topics are worth pursuing; second, what behavior traits are needed to become a successful security researcher; and third, why the HttpOnly cookie flag is useless and a complete joke. For more information, including the show notes, check out https://breachsense.io/podcast
9/24/2020, 20 minutes, 14 seconds

25 - Jeremiah Grossman and Asset Inventory

This week Jeremiah Grossman hangs out to talk InfoSec, ransomware and asset inventory. My 3 main takeaways were how we can use metadata to correlate assets to an entity; second, why cyber insurance will dictate what security tests are run; and third, Jeremiah's 3 super powers that aren't related to Jiu-jitsu. For more information, including the show notes, check out https://breachsense.io/podcast
9/17/2020, 30 minutes, 21 seconds

24 - Ira Winkler & How to Stop Stupid

This week Ira Winkler joins the show to talk about social engineering and protecting your network against the human element. My 3 main takeaways were how we need to integrate lessons from industrial safety programs into our security policies; second, what procedures Twitter should've had in place to prevent their recent hack against high-profile users; and what the most important skill for social engineering is. For more information, including the show notes, check out https://breachsense.io/podcast
9/10/2020, 37 minutes, 30 seconds

23 - Samy Kamkar & Reverse Engineering

This week Samy Kamkar hung out to talk about some of his adventures creating worms and zombie drone armies, with a focus on his process for reverse engineering both software and hardware. My three main takeaways were how he created cheats for Counter-Strike, how he created one of the fastest spreading viruses of all time and why he finds the physical access control problem interesting. For more information, including the show notes, check out https://breachsense.io/podcast
9/3/2020, 44 minutes, 30 seconds

22 - Chris Kubecka & Hacking the World with OSINT

This week Chris Kubecka joins the show. We focused on leveraging OSINT in security research. My three main takeaways were how she used OSINT to find Boeing's dev systems, how she uses code search engines to find systems running a piece of known vulnerable code and why it's worthwhile doing security research out of the Netherlands when your target likes to sue you into silence.
8/27/2020, 29 minutes, 40 seconds

21 - HD Moore & Advanced Asset Inventory Techniques

This week HD Moore is on the show. We focused on asset identification. The three main takeaways are how to figure out relationships between domains, meaning how to correlate domain ownership without relying on whois information (which in our GDPR world is no longer available). We also talked about moving beyond fingerprints to figure out what a device actually is and not just the OS it runs. Finally, why local networks are only growing and getting denser even when the trend is to move everything to the cloud.
8/21/2020, 28 minutes, 39 seconds

20 - Robert Baptiste (Elliot Anderson) & Mobile App Hacking

This week Robert Baptiste, aka Elliot Anderson (@fs0c131y), joins us to chat about his research into TikTok, how he bypassed limitations in the Indian government's Covid tracing app to figure out how many sick people were in their parliament building, as well as his new endeavor fighting disinformation with Predicta Lab.
8/14/2020, 29 minutes, 46 seconds

19 - Tommy Devoss (Dawgyg) & Bug Bounty Hunting on Steroids

This week Dawgyg (Tommy DeVoss) hangs out to chat about his approach to bug bounty hunting, which led him to become one of eight million-dollar hackers on the HackerOne platform. We discuss his approach to recon, how he finds unique bugs, how to get into bug hunting and more.
8/7/2020, 35 minutes, 38 seconds

18 - Simon Bennetts & Headless Automated Scanning with ZAP

This week Simon Bennetts joins me to talk about how to automate web app scanning via ZAP. We discuss API integration, headless scanning, GitHub Actions scans, the HUD and more.
7/31/2020, 30 minutes, 37 seconds

17 - Matthias Wilson & Using OSINT Against Nigerian Scammers

This week Matthias Wilson joins me to discuss how he uses various OSINT techniques to track down Nigerian advance payment scammers while having a bit of fun. Matthias also shares how he's combined OSINT and social engineering techniques during physical engagements.
7/24/2020, 30 minutes, 34 seconds

16 - Ty Miller & Security Automation

This week Ty Miller of Threat Intelligence fame joins us to talk about security automation. Whether you're tasked with incident response, pen testing or gathering threat intelligence, automation can enable you to scale and maximize resources. We talk about chaining various open source tools together to give you an initial baseline level of information as well as Evolve, their commercial alternative.
7/17/2020, 32 minutes, 36 seconds

15 - Chris Dale & Breaking up Recon from the Pen Test

This week River Security's founder and SANS instructor Chris Dale joins us to explain why recon should be separated from the pen test in order to improve efficiency and increase the quality of the outcome. He also explains his recon process as well as the tools he uses to map out the target's attack surface.
7/10/2020, 27 minutes, 39 seconds

14 - Andrew van der Stock & the Future of OWASP

This week OWASP's new executive director Andrew van der Stock hangs out to talk about the future of several flagship projects like the Application Security Verification Standard (ASVS) and the Top 10, as well as how OWASP should adapt in order to continue growing in light of Covid.
7/3/2020, 31 minutes, 26 seconds

13 - Advanced Passive Recon with the Amass Scripting Engine

This week we discuss several passive recon techniques to further enumerate the attack surface as well as how we can tie the output from the rest of our recon tools together into a central location via the Amass scripting engine. This allows us to easily combine our results into a single database to track changes over time as well as visualize data points discovered from all of our recon tools.
6/26/2020, 15 minutes, 16 seconds

12 - Brute force more effectively with custom wordlists

This week we discuss how pen testers and bug bounty hunters can get better brute force results by creating a custom wordlist based on what they're trying to enumerate. The lists that come with popular tools are often dated. We can generate more targeted wordlists based on current trends with BigQuery as well as unique terms used in the target web app itself.
6/19/2020, 8 minutes, 39 seconds

11 - Hacking from the command line with Bash and Vim

This week we talk about how to use the Bash shell to help automate OSINT and pen testing tasks that are run often. We also discuss how to automate parts of the recon process by using Vim as a visualization tool to find anomalies.
6/12/2020, 12 minutes, 22 seconds

10 - Server Side Request Forgery Attacks and Bypasses

This week we cover a couple of new OSINT tools and techniques like Snapchat maps, Signal face obfuscation, web cam indexes and httpx. We also do a deep dive into Server Side Request Forgery (SSRF) attacks and how to bypass common defenses.
6/5/2020, 10 minutes, 55 seconds

9 - Automating Recon - Mapping Your Target Effectively

This week we cover a couple of new tools like ffuf, recursebuster, subjack and cloud_enum. We discuss how to combine and recursively scan the output. Then we throw this into a Bash script to automate the initial attack surface mapping to help us find juicy vulns with minimal effort.
5/29/2020, 10 minutes, 31 seconds

8 - Domain and Network Recon using Amass - Mapping the Attack Surface

This week we do a deep dive into Amass, the OWASP domain enumeration and network mapping tool. This is essential for figuring out your target's attack surface both for offensive and defensive security.
5/28/2020, 11 minutes, 30 seconds

7 - GitHub Reconnaissance - Finding the needle in the Haystack

This week we do a deep dive into GitHub reconnaissance. GitHub can be a goldmine for finding leaked credentials and expanding the attack surface by finding new subdomains and API endpoints. This is important both from an OSINT or red team standpoint to figure out where to focus your attacks as well as for the blue team to know what information has been leaked.
5/15/2020, 10 minutes, 22 seconds

6 - Hunting Open Elasticsearch Databases for Fun and Profit

This week I discuss the latest InfoSec news including hiding XSS payloads in polymorphic images, exploiting remote code execution on Salt servers, using open source intelligence to track down Russian operatives, tracking ransomware, DNS over HTTPS, Zoom security improvements and the latest data breaches. We also discuss several techniques to track down open NoSQL servers like Elasticsearch.
5/8/2020, 14 minutes, 22 seconds

5 - Asset Inventory for Red Teamers and OSINT Investigators

This week I discuss the latest InfoSec news including Covid-19 tracking apps, an iOS no-click 0-day, phishing the WHO, hacking Microsoft Teams and a SQL injection in the Sophos firewall. We also discuss several techniques for mapping out the attack surface of your target.
5/1/2020, 16 minutes, 15 seconds

4 - Infosec News & Website Attribution

This week I discuss the latest InfoSec news including automated grocery shopping delivery time slot bots, IBM 0-days, thieves returning stolen cryptocurrency, the Webkinz breach and more, as well as some tips on how to track down who is behind a website.
4/24/2020, 13 minutes, 43 seconds

3 - InfoSec News & Reverse Image Search

This week I discuss the latest InfoSec news including Cloudflare, Git and infected Ruby Gems, ransomware news, the latest data leaks, as well as optimizing your reverse image search capabilities.
4/17/2020, 12 minutes, 56 seconds

2 - InfoSec News & Cyber Attribution with Canary Tokens

This week I discuss the latest InfoSec news including Zoom, Twitter, Marriott, GoDaddy, the SBA and Cloudflare, as well as cyber attribution and how to implement canary tokens to figure out who's attacking you.
4/7/2020, 12 minutes, 56 seconds

1 - Zoom Security Risks & Anonymous LinkedIn Searches

This week I discuss the security risks that video conferencing software such as Zoom presents, some tips on separating your work and personal digital lives, as well as an OSINT tip on how to search LinkedIn anonymously.
4/2/2020, 10 minutes, 3 seconds