War Stories

This week, Zac dials in with Len Noe, the world's first "augmented ethical hacker" (of course by that... we mean CYBORG!). Len has implanted 10 microchips between his elbows and fingers, which he can leverage to execute a variety of offensive security attacks. Len walks us through his journey of developing new techniques using implantable technologies, as well as how he fortifies his own personal security using these implants. Easily one of the most interesting humans in our generation. Len is also an author with a new book "Human Hacked: My Life and Lessons as the World's First Augmented Ethical Hacker" coming out October 29th! Pre-order for Len's book: https://www.amazon.com/Human-Hacked-Lessons-Augmented-Ethical/dp/1394269161 [https://www.amazon.com/Human-Hacked-Lessons-Augmented-Ethical/dp/1394269161] Len's implant manufacturer: https://dangerousthings.com/ [https://dangerousthings.com/] Len's body mechanic: https://www.shamanmods.com/ [https://www.shamanmods.com/] --- Support this podcast: https://podcasters.spotify.com/pod/show/war-stories-007/support [https://podcasters.spotify.com/pod/show/war-stories-007/support]

This week, Zac sits down with Mike Piekarski [https://www.linkedin.com/in/michaelpiekarski/]. Mike is a bug bounty specialist, penetration tester, and solutions architect. He is also the founder of Breach Craft (breachcraft.io [https://www.breachcraft.io/]), a boutique cybersecurity firm based in Pennsylvania. Zac and Mike discuss Mike's most successful bug bounty targeting one of the biggest companies in the world via an insecure Cisco configuration. They also touch on the power of the Project Discovery toolkit (projectdiscovery.io [projectdiscovery.io]), and Mike tells the story of trying to use a Santa suit on a social engineering engagement. Produced www.sevnx.com [www.sevnx.com] CyberCoffee drinkcybercoffee.com [drinkcybercoffee.com] Use promo code WAR10 to save 10% --- Support this podcast: https://podcasters.spotify.com/pod/show/war-stories-007/support [https://podcasters.spotify.com/pod/show/war-stories-007/support]

This week, Zac sits down with Faisal Tameesh [https://www.linkedin.com/in/faisaltameesh/]. Faisal is a senior red team operator at NVIDIA and a "hacker of all trades" with experience in software development, pentesting, red teaming, social engineering, exploit development, and reverse engineering. Zac and Faisal discuss the technical details of the CrowdStrike incident, take a deep dive on the art of human deception and how the cybersecurity landscape evolves over time. Finally, they share several stories involving social engineering and other common issues we encounter on penetration tests. Faisal's Website - https://primalcerebral.com/ [https://primalcerebral.com/] Duality Github - https://github.com/AonCyberLabs/DUALITY [https://github.com/AonCyberLabs/DUALITY] Produced www.sevnx.com [www.sevnx.com] CyberCoffee drinkcybercoffee.com [drinkcybercoffee.com] Use promo code WAR10 to save 10% --- Support this podcast: https://podcasters.spotify.com/pod/show/war-stories-007/support [https://podcasters.spotify.com/pod/show/war-stories-007/support]

This week Zac sits down with Jullian Gerhart [https://www.linkedin.com/in/jullian-gerhart-99063510a/]. Jullian is a Managing Consultant at NCC Group, which specializes in application security and application security pentesting. Jullian is also a contributor to the Application Defense Alliance [https://appdefensealliance.dev/] (https://appdefensealliance.dev/) working to create a standardized framework for securing applications in the Google Play and Apple App Stores. Zac and Jullian discuss the current state of application security, their favorite web application security vulnerability (LOVE LIVE IDOR), and we get a great story from Jullian about compromising extremely sensitive information from an unsecured API. Produced www.sevnx.com [www.sevnx.com] CyberCoffee drinkcybercoffee.com [drinkcybercoffee.com] Use promo code WAR10 to save 10% --- Support this podcast: https://podcasters.spotify.com/pod/show/war-stories-007/support [https://podcasters.spotify.com/pod/show/war-stories-007/support]

This week, Zac sits down with his longtime friend Brett DeWall [https://www.linkedin.com/in/brett-dewall/]. Brett is a Staff Specialist at White Oak Security (CyberAdvisors) [https://www.whiteoaksecurity.com/]. He is a pentester, red teamer, bug bounty hunter, and security researcher. Zac and Brett do a deep dive on the RFID hacking research Brett has conducted, as well as go over his RFID skimming solution (SkimJob). They also tell the story of starting their careers together as interns, and reminisce about physical security engagements together the did together. Brett's GitHub - https://github.com/badbiddy [https://github.com/badbiddy] SkimJob on White Oak Security Github - https://github.com/WhiteOakSecurity/SkimJob [https://github.com/WhiteOakSecurity/SkimJob] Produced www.sevnx.com [www.sevnx.com] CyberCoffee drinkcybercoffee.com [drinkcybercoffee.com] Use promo code WAR10 to save 10% --- Support this podcast: https://podcasters.spotify.com/pod/show/war-stories-007/support [https://podcasters.spotify.com/pod/show/war-stories-007/support]