Active Directory Explorer

Using Microsoft AD Explorer to collect Active Directory attack path information.

Active Directory DACL Attacks

Exploiting misconfigured Active Directory access control lists.

Persistence Mechanisms

Maintaining access to a target system.

Entra ID Connect

Extracting credentials from Azure Entra Connect.

Password Filters

Using password filters to intercept logon credentials.

Coerced Authentication

Persuading Windows hosts to provide machine account credentials.

LD_PRELOAD Exploitation

Using LD_PRELOAD for dynamic function hooking and privilege escalation.

IPv6 Penetration Testing

Testing IPv6 security.

Bypassing Multi Factor Authentication

Intercepting multi factor authentication credentials using an Nginx reverse proxy.


Sending Phishing emails to capture login credentials.


Using Terraform to deploy testing infrastructure & auditing Terraform configuration files.

Keystroke Logging

Logging Keystrokes with SetWindowHookEx.