Archive - 7 Minute Security's Substack

Tuesday TOOLSday: DIY pentest dropbox tips

Make remote access to your dropbox even easier

Dec 4 •

19:52

November 2025

Tuesday TOOLSday: SQL server defense 101

Don't let attackers relay free high-priv SQL creds!

Nov 27 •

11:57

Tuesday TOOLSday: Lithnet AD Password Protection

Keep bad passwords out of your AD for free? Yes please.

Nov 20 •

18:53

Light Pentest LITE:GOAD logo winner announced!

And it was hard to choose just one

Nov 17 •

Tuesday TOOLSday: LAPS quick install

An essential FREE blue team control for your Active Directory

Nov 13 •

22:04

Tuesday TOOLSday: Pretender

A nice alternative to mitm6

Nov 6 •

15:11

October 2025

Tuesday TOOLSday: Kerberoasting Kleanup

Nuke those old SPN and embrace service account best practices

Oct 30 •

14:55

Tuesday TOOLSday: egress filtering

A quick way to check what's allowed from your internal > external network

Oct 21 •

Tuesday TOOLSday: benefits of a security ticketing system

Ticketing + inventorying = good security

Oct 15 •

20:06

Tuesday TOOLSday: mssqlkaren

Stealing SCCM creds with Karen's help!

Oct 7 •

9:32

Tuesday TOOLSday: coercing HTTP auth w/scheduled tasks

Schtasks continue to be sneaky!

Oct 3 •

22:15

September 2025

Tuesday TOOLSday: coercing SMB auth w/scheduled tasks

Didn't lead to domain admin, but I'll still take it!

Sep 26 •

17:45

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts