Using Microsoft AD Explorer to collect Active Directory attack path information.
Active Directory DACL Attacks
Exploiting misconfigured Active Directory access control lists.
Persistence Mechanisms
Maintaining access to a target system.
Entra ID Connect
Extracting credentials from Azure Entra Connect.
Password Filters
Using password filters to intercept logon credentials.
Coerced Authentication
Persuading Windows hosts to provide machine account credentials.
LD_PRELOAD Exploitation
Using LD_PRELOAD for dynamic function hooking and privilege escalation.
IPv6 Penetration Testing
Testing IPv6 security.
Bypassing Multi Factor Authentication
Intercepting multi factor authentication credentials using an Nginx reverse proxy.
Phishing
Sending Phishing emails to capture login credentials.
Terraform
Using Terraform to deploy testing infrastructure & auditing Terraform configuration files.
Keystroke Logging
Logging Keystrokes with SetWindowHookEx.