A pentester navigated from basic internal network access to achieving full Domain Controller (DC) compromise and ultimately SCADA system control, revealing vulnerabilities that could have led to a hazardous chlorine release into a city's water supply. Episode 5 of The Security Engineering Show offers invaluable insights into modern offensive security and real-world breaches.

This is the show for security engineers, by security engineers.

Featuring

Noah Stanford: CEO at 0pass

Finn Foulds-Cook: Senior Penetration Tester at Volkis

00:00 - Intro

1:40 - The Engagement

4:45 - Windows Exploitation and Tooling

6:55 - ADCS, Coerced Auth, and Certs!

11:10 - Domain Controller Takeover

13:20 - Abusing DC Sync and EDR

15:55 - From DA to Azure

18:00 - Disabling your fancy EDR

19:30 - Escalating to Azure Global Admin

21:10 - Everything hacked, now what?

22:03 - Enumerating SCADA

24:31 - From SCADA to DEATH

27:44 - How do we fix all of this?

30:01 - Important security insights

31:47 - Message to Security / IT teams

33:36 - Outro

What happens when an American computer science student studies abroad in China and decides to find out what the Chinese government is censoring? Learn about how he did it, and what he discovered on this episode of The Security Engineering Show.

This is the show for security engineers, by security engineers.

Featuring

Noah Stanford: CEO at 0pass

Mitch Edwards: CEO at GrabbrApp

00:00 - Intro

1:16 - About Mitchell

4:12 - Chinese Yahoo Answers

6:00 - The Zhihu web scraper

9:10 - Analyzing the data

13:00 - Cat and mouse game

19:45 - Defense and iterations

21:35 - Threat Intel on the Dark Web

26:11 - Outro

Delve into the nitty-gritty of a company's two run-ins with the Lazarus Group. The first time, to clean up the mess they left behind, and the second, to stop them in their tracks after getting a telltale alert from the SEIM.

This story is about a security engineer who hijacked the most important web page on the internet as part of a capture the flag challenge. While I can't tell you which exact page or company this happened at, you definitely know it and most likely use it every day in your business and personal life.

"Oh the places you'll find malware" brings surprising stories of infections and security incidents. Michael Grube, formerly a security engineer at SpaceX and now a vulnerability researcher at an employer we won't disclose, tells the stories about how he found malware in a Hadoop cluster, on a water jet machine (bought straight from the manufacturer), and in an Active Directory environment. We talk about the tricks that threat actors used to cover their tracks and how they were exposed.

This is the show for security engineers, by security engineers.

Featuring

Noah Stanford, CEO at 0pass: https://www.linkedin.com/in/pwned/
Michael Grube: Vulnerability Researcher and Security Engineer