Got a chance to tell a story on #DarknetDiaries with Jack Rhysider.
Ep 36: Jeremy from Marketing
"A company hires a penetration tester to pose as a new hire, Jeremy from Marketing, to see how much he can hack into in his first week on the job. It doesn’t go as planned."
You can listen to it here: https://darknetdiaries.com/episode/36/
@tinker Tinker's still alive, everyone!
@m4iler - The reports of my death are greatly exaggerated.
@tinker Ah, I wondered if that was you. 😀
@tinker to be fair it'll be very difficult for anyone engineering minded to pose as a marketing person of all things o_o
@polychrome - I blent in fine, I think.
I’ve held many jobs and roles in my time. Draw on those experiences as I need.
@tinker Great story man, Listened to in on my way to work.
@databotz - Cheers!
@tinker thanks for sharing!
@maxg - You’re welcome, Max!
@tinker it was really awesome! Thanks for sharing that!
@mbicca - Cheers, Marco!
@tinker Listening in!
@superruserr - Yeah?! Let me know what you thought! (Or lie to me if you thought it was bad...)
@tinker It's very interesting! And relateable (as in, I can learn from it and apply)
@tinker One of the red flags was finance running Powershell.. did the IT team ever do monitoring on their side for PowerShell instances (ie "if EventIDs for PowerShell come up from Finance computer, pop an alert")
@superruserr - I’m not certain. This was blackbox from my side. I only got a bit of information from them at the end. I imagine they did do monitoring, though. Not sure the extent.
Best background music to go with the narrative.
@superruserr - Yeah, Jack’s production quality is very good!
@tinker I love when you talk Physical Pen Testing, it's less about the "cool story" and always about teaching (but still with a cool story or two...). I've got this one queued up at the top of my list!
@entreprelife - Cheers!
Got it bookmarked for later. Looking forward to hearing about you in action.
@RussSharek - Let me know what you think!
I gave it a listen yesterday. A terrific story, especially the oh @#$% moment when you got caught.
I'm glad to see your improv chops are still strong.
@RussSharek - Improv is a big part of my job!
@RussSharek - But so is screaming...
Clearly on both counts. ;)
Holy shit you are a beast! I was cracking up at the laptop heist. Few would think about doing that and even fewer would actually do it.
@ryen - Hehehe :) Cheers!
Okay, I'm definitely going to listen to this one.
@tinker Hey, that was a hilarious episode! Especially the part at the end with the old lady - HIM! THERE!
When I listen to these stories, I always assume they're gonna left ports open, repeated passwords, website pages that are available through manually typed URLs and stuff...
and then you tell everything that went wrong FOR the red team... oh boy. That was hilarious.
Thanks for sharing.
P.S. I envy your job.
@rick_777 - Cheers! Yeah, I like talking about when I get my ass kicked. Its nice to know what works.
And I like my job. Took a while to get here, but it’s awesome.
@tinker Great story, thanks for sharing. Had a good laugh listening to your odyssey
@mschuster - Cheers :)
@tinker That was amazing ! Thanks for sharing that story with us !😍
@ekiza - Cheers, Faisal!
@tinker Your Darknet Diaries story was awesome! It was one of the first episodes I listened to and now I've spent the whole day listening to a dozen more.
@tpharrison - Cheers! I appreciate you saying that!
A Mastodon instance for info/cyber security-minded people.