7MS #393: Interview with Peter Kim
SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!
Peter Kim of The Hacker Playbook series joins me today to talk about all things hacking! Peter runs a popular west coast hacker meetup, and I was fortunate enough to attend his Real World Red Team training, which I wrote a review about here. Peter sat down with me over Skype to talk about:
- The origin story of The Hacker Playbook series (btw please buy it, don't steal it! :-)
- How do you balance work and family life when trying to pwn all the things and have a personal life and significant other?
- How do you break into security when your background is in something totally different, like a mechanic, artist or musician?
- What are some good strategies when approaching a red team engagement - do you always start "fresh" from the perimeter? Do you assume compromise and throw a dropbox on the network? Some combination of both?
- What are some other low-hanging fruit organizations can use to better defend their networks?
- Do you run across some of these good defenses - like honeypots - in your engagements?
- If you could put on a wizard hat and solve one security problem (be it technical, personnel or something else) what would it be?
- Stuck on a pentest? Try explaining the situation to a non-technical person!
- What irks you during a pentest?
- Have you run into any cyber deception on a pentest, or other things that make you go "Curse you blue team!!!"?
- Have you ever stumbled upon a legitimate compromise or breach during testing?
- Do you do your own "house clean up" when done with an engagement (killing shells, removing .scf files, payloads, artifacts, etc.) or do you leave that responsibility up to the client?
We concluded with some off-topic questions:
- What would you do if you weren't doing security?
- What movie or movie character resembles your life?
- If you had to wear one shirt for the rest of your life, what would it be/say and why?
- Would you rather have a belly button that could dispense ketchup, or fingers that could dispense hot dogs?
- You've got Bruce Willis, Mike Pence and Pink in a room. You need to hug one, do a 17-hour non-stop road trip with one, and be a year-long security consultant to the third. Who do you pick, and why?
Want to learn more about Peter Kim and his work? Check this out:
- Secure Planet training
- The Hacker Playbook series