Darknet Diaries Ep 36: Jeremy from Marketing
35 snips
Apr 16, 2019 
Tinker Sikor, a skilled penetration tester with a U.S. Marines background, shares a thrilling tale about infiltrating a company as 'Jeremy from Marketing.' He reveals the complex reconnaissance techniques needed to identify vulnerabilities, including social engineering tactics and stealth operations. Tinker also discusses the challenges of breaching multi-factor authentication systems and the critical role of strong cybersecurity measures in corporate settings. His insights shed light on the ongoing battle between hackers and defenders in the digital landscape.
AI Snips
Chapters
Transcript
Episode notes
Jeremy from Marketing
- Tinker Sikor, a penetration tester, posed as "Jeremy from Marketing" to test a company's security.
- Only the CISO and an assistant knew his real identity.
Penetration Testing Methodology
- Start with passive reconnaissance, then move to active reconnaissance.
- Enumerate vulnerabilities, breach, move laterally, escalate privileges, and exfiltrate data.
Initial Reconnaissance
- Tinker used standard Windows commands like
netspace users /domainto gather information. - He collected usernames, admin details, and domain controller hostnames.