Offensive Security Blog
Practical notes from penetration testing, Active Directory labs, and red team research.
I write about the way I learn and test: building labs, breaking down attack paths, validating impact, and translating offensive lessons into defensive improvements. The focus is methodology, responsible research, and practical security work.
Active Directory
Enumeration, trusts, Kerberos, DACLs, ADCS, BloodHound and enterprise attack paths.
Red Team Operations
C2 concepts, lateral movement, payload research, detection thinking and reporting discipline.
Certification Journey
OSCP, CPTS, CAPE and lessons from hands-on labs without turning posts into spoilers.
Latest research notes
OSEP Exam Review & Prep Guide 2025
My no-spoiler OSEP review: preparation strategy, Windows lab mindset, evasion reasoning, reporting lessons, and what actually helped me pass.
OSCP vs CPTS in 2025 One Made Me a Pentester The Other Got Me Hired
Hi, Im Rian glad that you showed up i will compare OSCP with CPTS. Enjoy <3 This article is a
Windows Evasion Techniques: Outsmarting Windows Defender
Microsoft Defender isn’t just antivirus anymore it is a full-spectrum detection engine guarding every Windows endpoint in real time. This
Active Directory Trust Attacks: Good Friends Today, Footholds Tomorrow
Active Directory trusts aren’t just for convenience they’re the secret backdoors most defenders forget to lock. In the wrong hands,
ADCS: Mastering Domain Compromise in Minutes
ADCS is no longer just a PKI concern it’s a domain compromise waiting to happen. Learn how to abuse or
Sliver C2: Mastering Command & Control for Red Team Operations
Quick Overview Command and Control (C2) servers are critical components in offensive security, allowing red teamers and penetration testers to
DACL Attacks II: Mastering the Art of Exploiting Misconfigurations
Quick Overview This advanced module on Discretionary Access Control Lists (DACLs) takes you deeper into the world of Windows Active