Using Microsoft AD Explorer to collect Active Directory attack path information.
Exploiting misconfigured Active Directory access control lists.
Maintaining access to a target system.
Extracting credentials from Azure Entra Connect.
Using password filters to intercept logon credentials.
Persuading Windows hosts to provide machine account credentials.
Using LD_PRELOAD for dynamic function hooking and privilege escalation.
Testing IPv6 security.
Intercepting multi factor authentication credentials using an Nginx reverse proxy.
Sending Phishing emails to capture login credentials.
Using Terraform to deploy testing infrastructure & auditing Terraform configuration files.
Logging Keystrokes with SetWindowHookEx.