In this episode we've got the whole Offensive Security team at SecurIT360 on the podcast to talk about exciting moments of 2022 and what everyone is exited for as we move into 2023 and beyond. Thank you for listening and/or watching! If you enjoy our podcast we'd love to know what specifically you enjoy so we can make more of that type of content. Merry Christmas and Happy New Year!Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

In this episode Spencer and Darrius discuss an amazing new AI chatbot that has taken the internet by storm and captivated the infosec community. Listen to this episode to learn what ChatGPT is, how it can be used (and abused) and what the possible implications are (good and bad) of such an amazing piece of technology. Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

CTF, or Capture The Flag, is a great way to expand your learning and understanding of various information security topics. It can also be great fun and a great way to meet people in the industry. In this episode Spencer and Darrius talk about the benefit of using CTFs to keep your pentesting skills sharp over the holiday "break."Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

In this episode, Darrius and Brad talk about Portswigger's Burp Suite, how they use it, and why it's important. They also offer a sneak-peak into what's coming in 2023! Blog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

In this episode Spencer and Brad talk about the hidden dangers of not properly protecting Microsoft WSUS Servers. That's Windows Server Update Service for those not in the know. Attackers often use legitimate functionality to gain ground and WSUS is no different.Nettitude blog discussing SharpWSUS: Introducing SharpWSUS - Nettitude LabsSpencer's fork of SharpWSUS: GitHub - techspence/SharpWSUS: SharpWSUS is a c# tool for abusing Microsoft Windows Server Update Services for Lateral MovementBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

In this episode Brad is joined by Matt Tesauro to talk all things OWASP, API Hacking and DevSec. Matt Tesauro is a Distinguished Engineer at NoName Labs, a member of the OWASP Global Board of Directors and Founder of 10Security, the creators of DefectDojo.Matt Tesauro is a DevSecOps and AppSec guru with specialization in creating security programs, leveraging automation to maximize team velocity and training emerging and senior professionals. When not writing automation code in Go, Matt is pushing for DevSecOps everywhere via his involvement in open-source projects, presentations, trainings and new technology innovation.Twitter:   https://twitter.com/matt_tesauroLinkedIn: https://www.linkedin.com/in/matttesauro/DefectDojo: https://www.defectdojo.org/DefectDojo on Github: https://github.com/DefectDojo/django-DefectDojoDefectDojo commercial support: https://www.defectdojo.com/API Security: https://www.slideshare.net/mtesauro/hacking-and-defending-apis-red-and-blue-make-purplepdfAPI Security Tools: https://owasp.org/www-community/api_security_tools (always looking for additions!)OWASP:Become an OWASP Member: https://owasp.org/membership/Find a local chapter: https://owasp.org/chapters/Find a cool project: https://owasp.org/projects/OWASP Cheat Sheets: https://cheatsheetseries.owasp.org/OWASP Web Security Testing Guide: https://owasp.org/www-project-web-security-testing-guide/OWASP Mobile Application Security: https://owasp.org/www-project-mobile-app-security/OWASP API Security Top 10: https://owasp.org/www-project-api-security/OWASP Dependency-Check: https://jeremylong.github.io/DependencyCheck/OWASP Dependency-Track: https://dependencytrack.org/Blog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

Are you looking for your first job in penetration testing? Perhaps you're looking to advance and up your skills or maybe you're a manager looking to hire a penetration tester to your team. In this episode Brad, Spencer and Darrius talk about which pentesting certs to get and why.Blog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

This is part 3 of a multi-episode series where the Offsec group at SecurIT360 dives into the details of various Offensive Security Tests, what they mean, what to expect, war stories and much more!Blog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

This is part 2 of a multi-episode series where the Offsec group at SecurIT360 dives into the details of various Offensive Security Tests, what they mean, what to expect, war stories and much more!Blog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

Coming at you LIVE from LegalSec22 in San Antonio Texas. In this episode Brad and Spencer discuss common security challenges that are unique to law firms and provide insights on ways to begin solving those challenges.Blog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com