Active Directory Trust Attacks: Good Friends Today, Footholds Tomorrow
A practical look at Active Directory trust relationships, why misconfigurations matter, and how defenders can reduce cross-domain attack paths.
Active Directory
ADCS: Mastering Domain Compromise in Minutes
ADCS is a critical identity component. This article explains why certificate-service misconfigurations matter and how to think about detection, hardening, and risk.
DACL Attacks II: Mastering the Art of Exploiting Misconfigurations
Advanced DACL notes focused on misconfiguration impact, privilege paths, and how defenders can identify dangerous permissions.
DACL Attacks I: Tearing Down Access Barriers
An introduction to DACL security in Active Directory: permissions, abuse paths, and why access-control hygiene matters.
Kerberos Attacks: Mastering the Three-Headed Beast
Kerberos security notes for Active Directory environments, covering ticket-based authentication concepts, common risks, and practical defensive awareness.
Inside the System: Cracking Windows Lateral Movement
Windows lateral-movement concepts from a lab perspective, with emphasis on how movement paths are discovered, validated, and defended.
Hunting in AD with BloodHound: Sniffing Our Way to DA
BloodHound-focused notes on mapping Active Directory relationships, finding attack paths, and turning graph data into useful remediation guidance.
Using CrackMapExec: A Pen Tester’s Guide to Network Domination
CrackMapExec methodology for authorized network assessments: enumeration, validation, and responsible reporting without losing sight of defensive value.
Mastering Active Directory with PowerView: Everything You Need to Know
PowerView and SharpView notes for Active Directory enumeration, with focus on methodology, useful signals, and defensive visibility.
Mastering Active Directory LDAP: Key Concepts and Best Practices
LDAP fundamentals for Active Directory security work: how directory data is structured, queried, and used during authorized assessments.
Master Active Directory Enumeration & Attacks: Insights from HTB Academy
A practical HTB Academy module review focused on Active Directory enumeration, attack-path thinking, and the foundations needed for serious enterprise security testing.
Road to CAPE Certification: My Journey Through HTB Academy’s Active Directory Penetration Tester
A high-level journey through HTB Academy Active Directory Penetration Tester preparation, focused on methodology, lessons learned, and building practical AD security skills.