7MS #333: Pentesting Potatoes




7 Minute Security show

Summary: <p>This week I was in lovely Boise, Idaho doing some security assessment work. While I was there I got to hang out with Paul Wilch and some of the <a href="https://www.project7.io/" rel="nofollow noreferrer noopener" target="_blank">Project7</a> crew and picked up a lot of cool tools and tips I share in today's episode:</p> <ul> <li> <p>The <a href="https://www.badgerinfosec.com/" rel="nofollow noreferrer noopener" target="_blank">Badger Infosec</a> group did a cool <a href="https://shop.hak5.org/products/usb-rubber-ducky-deluxe" rel="nofollow noreferrer noopener" target="_blank">Rubber Ducky</a> demo.</p> </li> <li> <p>Dan from DDSec did a demo of <a href="https://plextrac.com/" rel="nofollow noreferrer noopener" target="_blank">PlexTrac</a>, which is "the last cybersecurity reporting tool you will ever need." I'm actually going to use PlexTrac for my next few assessments and am working to line up a future interview with Dan to learn even more.</p> </li> <li> <p>Paul gave a demo of <a href="https://www.parrotsec.org/" rel="nofollow noreferrer noopener" target="_blank">Parrot</a>, which is cool and Kali-like. However, when Paul and I did a side-by-side test with Kali, we noticed that Parrot kind of barfed when it set out to do an <a href="https://github.com/FortyNorthSecurity/EyeWitness" rel="nofollow noreferrer noopener" target="_blank">EyeWitness</a> report.</p> </li> <li> <p>After meeting Paul's son, Simon, I'm optimistic about the future IT/security leaders in this country. There are some wicked-smart youth out there!</p> </li> <li> <p>Paul gave me a hotel keycard lockpick/shiv (his own creation!) and staged a few doors for me to try and bypass. He made it interesting when he promised to throat-punch me if I failed! Thankfully, I got off without any throat punches!</p> </li> </ul>