Knowledge Hub

Practitioner-grade cybersecurity content

Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.

Want structured, step-by-step learning instead? Explore the Academy (guided courses) or the AI security hub.

Latest articles

Most recent practitioner playbooks across every track. Filter by topic in the sidebar, or use search.

Module 16 · AD Tier-0 Hardening — The Defender’s Playbook

Why this module exists. Most AD breaches succeed because Domain Admin credentials end up exposed on workstations or member servers. Microsoft’s Tiered…

Apr 27, 2026 · 4 min read

Academy

Module 15 · Password Spraying Against AD in 2026

Why this module exists. Brute force = trying many passwords against one account → triggers lockout. Spraying = trying one password against…

Apr 27, 2026 · 3 min read

Academy

Module 14 · Group Policy Object (GPO) Abuse

Why this module exists. Group Policy was designed in 2000 to centralise Windows administration. It’s still the primary configuration mechanism for AD-joined…

Apr 27, 2026 · 3 min read

Academy

Module 13 · Azure AD / Entra ID Attack Surface

Why this module exists. Indian enterprises moved their identity to Microsoft 365 / Entra ID (formerly Azure AD) in waves between 2019…

Apr 27, 2026 · 4 min read

Academy

Module 12 · DPAPI — Windows Data Protection API Attacks

Why this module exists. DPAPI is how Windows stores “secrets” — Wi-Fi passwords, browser-saved credentials, RDP credentials, OneDrive tokens, certificates. Attackers who…

Apr 27, 2026 · 3 min read

Academy

Module 11 · Kerberos Delegation Abuse — Unconstrained, Constrained, RBCD

Why this module exists. Kerberos delegation is one of the most-misunderstood AD features and one of the most-abused. Three flavours, all dangerous…

Apr 27, 2026 · 4 min read

Academy

Module 10 · DCSync — Domain Replication Abuse

Why this module exists. DCSync is the technique that lets an attacker dump every credential in your domain — without ever touching…

Apr 27, 2026 · 3 min read

Academy

Module 9 · Pass-the-Hash & Pass-the-Ticket

Why this module exists. Pass-the-Hash was first published in 1997. Microsoft has shipped 28 years of mitigations and the technique still works…

Apr 27, 2026 · 3 min read

Academy

Module 8 · AS-REP Roasting — The Quiet Cousin of Kerberoasting

Why this module exists. Every AD pentester checks Kerberoasting first. Most check AS-REP Roasting second. The astonishing thing is how often it…

Apr 27, 2026 · 2 min read

Academy

Module 27 · Session Management — Beyond Cookies

Why this module exists. Every web app makes session decisions in the first month of development that they regret 18 months later.…

Apr 27, 2026 · 11 min read

← Newer 1 … 52 53 54 55 56 … 91 Older →