In this episode of Hack Dissection, Mike Lisi is joined once again by ethical hacker Graham O’Donnell to unpack a memorable internal penetration test at a K-12 school district. What started with a forgotten, outdated Windows machine in a bus garage quickly escalated into full domain compromise—and revealed just how fragile infrastructure can be when one unpatched endpoint gets plugged back in.

Mike and Graham walk through each stage of the assessment, from asset mapping to privilege escalation, showing how seemingly minor oversights can trigger devastating cascading effects. Along the way, they highlight how tools like BloodHound, EternalBlue, and Mimikatz played pivotal roles, and why school districts—despite tight budgets—must prioritize cyber hygiene.

This episode dives into real-world tactics, practical takeaways for IT teams, and some wild detours into smartboards, PA systems, and Russian hacking forums.

🔐 Key topics:

• Pen testing vs. red teaming
• Internal vs. external assessments
• Risks of legacy systems in modern environments
• Miscommunications that lead to major security gaps
• The real-world implications of cached credentials

If you’re a school IT admin, security pro, or just a fan of behind-the-scenes cybersecurity stories, this episode is a must-listen.

🎧 Want to share your own pen test war story? Reach out: contact@malteksolutions.com

In this episode, Mike Lisi sits down with Graham O'Donnell, a penetration tester at Maltek Solutions, to explore the mindset and methods behind physical security testing. From the art of blending in with a Carhartt jacket to the thrill of mapping out buildings like real-life Hitman levels, Graham shares his journey from curious wanderer to professional pen tester. Topics covered in this episode:

🔹 The thrill of exploring abandoned places

🔹 How photography sparked a career in cybersecurity

🔹 Lessons learned from early mistakes

🔹 The tools and tactics used to bypass physical security

🔹 Why physical security is often overlooked in modern businesses

Whether you’re an aspiring ethical hacker or just curious about the world of physical security, this episode will give you a behind-the-scenes look at what it takes to break into the field – and the buildings. 🔔 Don’t forget to like, subscribe, and hit the notification bell to stay up-to-date with the latest episodes of Hack Dissection.

#HackingForGood #Cybersecurity #PhysicalSecurity #EthicalHacking #TechTalk

In this episode of Hack Dissection, ethical hacker and TASBot creator Allan Cecil dives into the fascinating world of tool-assisted speedruns and video game exploitation. Discover how unchangeable, read-only code can still be manipulated to reveal unexpected behavior—and what that teaches us about cybersecurity, system flaws, and human ingenuity.