OSEP Exam Review & Prep Guide 2025: My Road to OffSec Experienced Penetration Tester
My no-spoiler OSEP review: preparation strategy, Windows lab mindset, evasion reasoning, reporting lessons, and what actually helped me pass.
Tools & Tradecraft
Sliver C2: Mastering Command & Control for Red Team Operations
A high-level review of Sliver C2 concepts for authorized red team operations, with emphasis on lab scope, operational discipline, and defensive lessons.
Hunting in AD with BloodHound: Sniffing Our Way to DA
BloodHound-focused notes on mapping Active Directory relationships, finding attack paths, and turning graph data into useful remediation guidance.
Using CrackMapExec: A Pen Tester’s Guide to Network Domination
CrackMapExec methodology for authorized network assessments: enumeration, validation, and responsible reporting without losing sight of defensive value.
Mastering Active Directory with PowerView: Everything You Need to Know
PowerView and SharpView notes for Active Directory enumeration, with focus on methodology, useful signals, and defensive visibility.