Episodes

  • Episode 0x5: Model Behavior
    2025/07/14

    In this episode of Hack Dissection, hosts Mike Lisi and Graham O'Donnell sit down with red teamer, educator, and co-author of Redefining Hacking, Wesley Thurner. What starts as a light-hearted conversation about soldering badges at Cactus Con quickly dives deep into red team tactics, AI exploitation, and the culture of CTF (Capture the Flag) competitions.

    Wesley shares real-world stories from his time in the military, his role on red teams at Amazon and Intuit, and his work organizing large-scale CTF events through ThreatSim and Red Team Village. From session hijacking and model poisoning to building MVP command-and-control tools with LLMs, this episode is packed with insights from the front lines of ethical hacking.

    Whether you're a cybersecurity pro, CTF player, or curious about how AI is reshaping the red team playbook, this conversation offers a rare look behind the curtain — with humor, humility, and a whole lot of practical wisdom.

    Topics covered:

    • Creative red team engagements involving AI platforms
    • How tainted training data can derail machine learning models
    • The evolving power (and danger) of prompt engineering
    • CTF design philosophy and community-first organizing
    • Why the simplest hacks still work in complex systems

    📕 Redefining Hacking is available now — and you might even catch Wesley signing copies at DEF CON’s Red Team Village.

    59 min
  • Episode 0x4: Cascading Effects
    2025/06/13

    In this episode of Hack Dissection, Mike Lisi is joined once again by ethical hacker Graham O’Donnell to unpack a memorable internal penetration test at a K-12 school district. What started with a forgotten, outdated Windows machine in a bus garage quickly escalated into full domain compromise—and revealed just how fragile infrastructure can be when one unpatched endpoint gets plugged back in.

    Mike and Graham walk through each stage of the assessment, from asset mapping to privilege escalation, showing how seemingly minor oversights can trigger devastating cascading effects. Along the way, they highlight how tools like BloodHound, EternalBlue, and Mimikatz played pivotal roles, and why school districts—despite tight budgets—must prioritize cyber hygiene.

    This episode dives into real-world tactics, practical takeaways for IT teams, and some wild detours into smartboards, PA systems, and Russian hacking forums.

    🔐 Key topics:

    • Pen testing vs. red teaming
    • Internal vs. external assessments
    • Risks of legacy systems in modern environments
    • Miscommunications that lead to major security gaps
    • The real-world implications of cached credentials

    If you’re a school IT admin, security pro, or just a fan of behind-the-scenes cybersecurity stories, this episode is a must-listen.

    🎧 Want to share your own pen test war story? Reach out: contact@malteksolutions.com

    48 min
  • Episode 0x3: The Threshold of Intent
    2025/05/14

    In this episode, Mike Lisi sits down with Graham O'Donnell, a penetration tester at Maltek Solutions, to explore the mindset and methods behind physical security testing. From the art of blending in with a Carhartt jacket to the thrill of mapping out buildings like real-life Hitman levels, Graham shares his journey from curious wanderer to professional pen tester.

    Topics covered in this episode:

    🔹 The thrill of exploring abandoned places

    🔹 How photography sparked a career in cybersecurity

    🔹 Lessons learned from early mistakes

    🔹 The tools and tactics used to bypass physical security

    🔹 Why physical security is often overlooked in modern businesses

    Whether you’re an aspiring ethical hacker or just curious about the world of physical security, this episode will give you a behind-the-scenes look at what it takes to break into the field – and the buildings.

    🔔 Don’t forget to like, subscribe, and hit the notification bell to stay up-to-date with the latest episodes of Hack Dissection.

    #HackingForGood #Cybersecurity #PhysicalSecurity #EthicalHacking #TechTalk

    1 hr 1 min