Today I’m excited about some tools/automation I’ve been working on to help shore up the 7MinSec security program, including:

• Using Retype as a document repository
• Leveraging the Nessus API to automate the downloading/correlating of scan data
• Monitoring markdown files for “last update” changes using a basic Python script

Hey friends, today we cover:

• The shiny new 7MinSec Club
• BPATTY updates
• A talk-through of the WPA3 downgrade attack, complemented by the YouTube livestream

Hello friends! Today we’re talking about a neat and quick-to-setup documentation service called Retype. In a nutshell, you can get Retype installed on GitHub pages in about 5 minutes and be writing beautiful markdown pages (with built-in search) immediately. I still absolutely love Docusaurus, but I think Retype definitely gives it a run for its money.

Happy new year friends! Today we talk about business/personal resolutions, including:

• New year’s resolution on the 7MinSec biz side to have a better work/life balance
• New training offering in the works
• Considering Substack as a communications platform
• A mental health booster that I came across mostly by accident

Today we’re doing a milkshake of several topics: wireless pentest pwnage, automating the boring pentest stuff with cursor.ai, and some closing business thoughts at 7MinSec celebrates its 7th year as a security consultancy. Links discussed today:

• AWUS036ACH wifi card (not my favorite anymore)
• Panda PAU09 N600 (love this one!)
• The very important Github issue that helped me better understand BPFs and WPA3 attacks
• TrustedSec article on WPA3 downgrade attacks

Today we’ve got some super cool stuff to cover today! First up, BPATTY v1.4 is out and has a slug of cool things:

• A whole new section on old-school wifi tools like airmon-ng, aireplay-ng and airodump-ng
• Syntax on using two different tools to parse creds from Dehashed
• An updated tutorial on using Gophish for phishing campaigns

The cocoa-flavored cherry on top is a tale of pentest pwnage that includes:

• Abusing SCCM
• Finding gold in SQL configuration/security audits

Hey friends, today we’re talking about tips to effectively present your technical assessment to a variety of audiences – from lovely IT and security nerds to C-levels, the board and beyond!

Today’s episode talks about some things that helped me get through a stressful and hospital-visit-filled Thanksgiving week, including:

• Journaling
• Meditation
• (An activity I’m ashamed of but has actually done wonders for my mental health)