The Cyber Threat Perspective

In Episode 175, Spencer and Tyler break down NetTools — a free, self-contained Active Directory management and troubleshooting tool that’s become a go-to for their internal penetration testing engagements.
They start with the backstory: years of relying on AD Explorer from Microsoft Sysinternals, and the growing need to evade EDR detections. At one point, that meant manually obfuscating binaries with a hex editor. NetTools eliminates that friction entirely — no installation, no dependencies, no signatures to fight.
Topics covered include:
Why NetTools replaced AD Explorer and how EDR pressure forced the shift
Group Policy enumeration, including how to spot dangerous GPO permissions like authenticated users with write access to server OUs
LDAP Search & Browser for querying AD, identifying risky data (like passwords in descriptions), and exploring object relationships
Assigned Trustees & Permissions Reporter for fast, visual identification of misconfigurations
How to run NetTools from non-domain-joined machines using saved credential profiles
Password checker functionality for targeted validation without spraying the environment
For pentesters, it’s a faster way to get visibility into AD risk. For IT admins, it’s a practical way to audit and harden your environment.
NetTools combines the functionality of multiple tools into one portable utility. Learn more at nettools.net. Credit to creator Gary Reynolds.
NetTools | The Swiss army knife of AD troubleshooting
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov
Follow Spencer on social ⬇
Spencer's Links: https://spenceralessi.com
Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

In Episode 174, host Brad Causey is joined by guest Jordan Natter for a practical, tool-focused conversation on web application penetration testing. Together they break down the essential tools and Burp Suite Pro extensions that make up a modern web app pen testing toolkit.
Topics covered include:
Burp Suite Pro vs. OWASP ZAP — comparing capabilities, extensions, and use cases
CSP Auditor — identifying unsafe Content Security Policy directives
JSON Web Token (JWT) extension — surfacing and tampering with JWTs in HTTP history
Retire.js — flagging outdated JavaScript libraries with known vulnerabilities
CyberChef & JWT.io — encoding, decoding, and debugging tokens
Postman & Swagger — API testing and documentation workflows
SQLMap — powerful SQL injection discovery (and why you should never run it in production)
Proxy Forge — evading cloud-based WAFs and testing geo-blocking
GraphQL Hunter — enumerating and testing GraphQL instances
Have a tool or extension you swear by? Drop it in the comments — Brad and Jordan want to hear from you!
---
Burp Suite is an integrated platform for attacking web applications. http://portswigger.net/burp/
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov
Follow Spencer on social ⬇
Spencer's Links: https://spenceralessi.com
Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

How do you find insecure permissions in Active Directory before they turn into attack paths?
In this episode, we take a practical look at how to identify insecure Active Directory permissions using ADeleg, a free security tool trusted by penetration testers.
Misconfigured delegation and overly permissive access rights are a common source of risk in Active Directory environments. These gaps can create hidden attack paths—but many teams don’t know where to look or how to interpret what they’re seeing.
In this episode, we cover:
How to identify insecure permissions in Active Directory
What to look for in high-risk users and groups like Domain Users, Everyone, and Authenticated Users
How these misconfigurations translate into real-world attack paths
How to use ADeleg to analyze delegated permissions and uncover hidden risk
We also include a reference to ADeleginator, a related tool that can help automate parts of this process using PowerShell. While this episode focuses on hands-on analysis with ADeleg, ADeleginator is a useful companion for scaling this work.
Tools referenced:
ADeleg: https://github.com/mtth-bfft/adeleg

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov
Follow Spencer on social ⬇
Spencer's Links: https://spenceralessi.com
Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

Hey folks! Greetings from the Offensive Security group at SecurIT360. Brad & Spencer are on this episode of The Cyber Threat Perspective to break down The Biggest Security Blind Spots in Mid-Size Companies.

In this episode, we expose the most common (and dangerous) gaps that leave mid-sized organizations wide open: poor asset inventory, flat networks, flat identities, overconfidence in security tools, credential reuse, and the emerging risks with AI.

If any of these hit home, go to offsec.blog/pentesting, fill out the form on our website, and see if we’re a fit for you.
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov
Follow Spencer on social ⬇
Spencer's Links: https://spenceralessi.com
Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

Pentesting is quickly evolving with the integration of AI, fundamentally changing how cybersecurity professionals approach their work. In this episode, Spencer and Brad discuss the real shifts they’re seeing in the industry and what the future may look like.
The pivotal changes in AI that have impacted pentesting over the past year
The emergence of agents, orchestration, and single-pane-of-glass platforms for streamlined operations
How AI is enabling rapid tool creation, customization, and administrative efficiency
The effect of AI on skillsets, closing the gap between junior and senior pentesters
Why human expertise remains irreplaceable despite advancements in AI-driven tools
Tune in to hear straight-forward perspectives on the future of pentesting and actionable insights for professionals looking to stay ahead.
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov
Follow Spencer on social ⬇
Spencer's Links: https://spenceralessi.com
Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.