Knowledge Hub

Practitioner-grade cybersecurity content

Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.

Want structured, step-by-step learning instead? Explore the Academy (guided courses) or the AI security hub.

Latest articles

Most recent practitioner playbooks across every track.

Academy

Module 12 · EDR Evasion — Defender View

Modern EDRs (CrowdStrike, SentinelOne, Defender for Endpoint, Carbon Black) hook into kernel and user space. Attackers evolved evasion. Knowing the techniques helps…

Apr 27, 2026 · 1 min read
Academy

Module 10 · Windows Hardening — GPO Baseline

Microsoft publishes Security Baselines for Windows Server and Windows 10/11. Adoption rate in Indian enterprises: low. The Microsoft Security Baseline Free GPO…

Apr 27, 2026 · 1 min read
Academy

Module 15 · Cobalt Strike — Defender Perspective

Cobalt Strike is the most-used commercial C2 framework — by red teams and by most ransomware operators. Defenders must know its…

Apr 27, 2026 · 1 min read
Academy

Module 14 · EvilGinx — Modern Phishing

For defensive understanding only. Don’t deploy without clear authorisation. EvilGinx is the proof that “MFA stops phishing” was true in 2018, false…

Apr 27, 2026 · 1 min read
Academy

Module 13 · OSINT & External Recon

Recon is the cheapest, highest-yield phase of any engagement. Tools that pay back the time investment. Subdomain enumeration # Passive (no traffic…

Apr 27, 2026 · 1 min read
Academy

Module 12 · BloodHound — Operator Guide

Module 3 (AD track) and Module 174 covered BloodHound conceptually. This is the operator manual. Collection # SharpHound from Windows (any domain…

Apr 27, 2026 · 1 min read
Academy

Module 11 · Responder & MITM6

Most internal pentests start with passive listening. Responder + MITM6 capture authentication attempts and convert them to crackable hashes. Responder — LLMNR/NBT-NS…

Apr 27, 2026 · 1 min read
Academy

Module 10 · CrackMapExec / NetExec

CrackMapExec (now NetExec / nxc) is the parallel-executor that makes Impacket scriptable across hundreds of hosts. Workflow # Enumerate SMB hosts nxc…

Apr 27, 2026 · 1 min read
Academy

Module 9 · Impacket — The Swiss Army Knife

Python toolkit for SMB/MSRPC/Kerberos. Used in nearly every AD pentest. Top scripts secretsdump.py — dump SAM, LSA, NTDS psexec.py / smbexec.py /…

Apr 27, 2026 · 1 min read
Academy

Module 8 · John & Hashcat — Cracking Workflow

Why this module. Cracked hashes power lateral movement. Knowing how to crack quickly turns a low-impact LSASS dump into a Domain Admin…

Apr 27, 2026 · 1 min read