Exploiting common Tomcat vulnerabilities.
Configuring Kali
Adding additional security auditing tools to Kali.
Attacking MSSQL
Compromising MSSQL databases, and escalating privileges.
Golden gMSA Attacks
Extracting gMSA service accounts from child domains.
SID History Abuse
Modifying SID History values to compromise parent domains.
Backup Operator Privilege Escalation
Extracting domain controller credentials using the Backup Operators group.
Active Directory Explorer
Using Microsoft AD Explorer to collect Active Directory attack path information.
Active Directory DACL Attacks
Exploiting misconfigured Active Directory access control lists.
Persistence Mechanisms
Maintaining access to a target system.
Entra ID Connect
Extracting credentials from Azure Entra Connect.
Password Filters
Using password filters to intercept logon credentials.
Coerced Authentication
Persuading Windows hosts to provide machine account credentials.