Reflective DLL Injection

Executing DLL’s from memory.

DLL Injection

Injecting DLL’s into remote processes.

Interacting with Foreign Handlers

Writing stagers to interact with foreign C2 frameworks.


A Metasploit command reference.

Active Directory Schema Modification

Changing default security descriptor properties to escalate from a child to parent domain.

Exploiting Tomcat

Exploiting common Tomcat vulnerabilities.

Configuring Kali

Adding additional security auditing tools to Kali.

Attacking MSSQL

Compromising MSSQL databases, and escalating privileges.

Golden gMSA Attacks

Extracting gMSA service accounts from child domains.

SID History Abuse

Modifying SID History values to compromise parent domains.

Backup Operator Privilege Escalation

Extracting domain controller credentials using the Backup Operators group.

Active Directory Explorer

Using Microsoft AD Explorer to collect Active Directory attack path information.

Active Directory DACL Attacks

Exploiting misconfigured Active Directory access control lists.

Persistence Mechanisms

Maintaining access to a target system.

Entra ID Connect

Extracting credentials from Azure Entra Connect.

Password Filters

Using password filters to intercept logon credentials.

Coerced Authentication

Persuading Windows hosts to provide machine account credentials.

LD_PRELOAD Exploitation

Using LD_PRELOAD for dynamic function hooking and privilege escalation.