Knowledge Hub

Practitioner-grade cybersecurity content

Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.

Latest articles

Most recent practitioner playbooks across every track.

Cloud Security

AWS EC2 SSRF: How One Curl Command Becomes a Cloud Compromise

One missing input filter on a server-side request lets an attacker reach 169.254.169.254 from your EC2 instance. From that single curl: IAM…

Apr 25, 2026 · 5 min read

Cloud Security

AWS IAM Privilege Escalation: 7 Paths from Read-Only to AdministratorAccess

From a leaked low-privilege AWS access key to AdministratorAccess in eight minutes. Seven well-known IAM privilege escalation paths — CreateLoginProfile, AttachUserPolicy, PutPolicy,…

Apr 25, 2026 · 6 min read

Active Directory

Golden vs Silver vs DCShadow: Which Persistence Wins (Defender’s View 2026)

Three post-Domain-Admin persistence techniques, compared from the defender's lens — operational profile, what each leaves behind, what detects each, and which one…

Apr 25, 2026 · 6 min read

Active Directory

Active Directory Threat Modeling: Where Attackers Will Hit First (2026)

Most defensive AD work happens reactively after a pentest. Threat modeling AD means thinking the way attackers do before the pentest. Empirical…

Apr 25, 2026 · 6 min read

Blue Team

7 SIEM Rules That Actually Catch Lateral Movement (Splunk, Elastic, Sigma)

Average dwell time before detection in Indian enterprise environments: 14 to 42 days, mostly spent on lateral movement. Seven specific, tunable SIEM…

Apr 25, 2026 · 6 min read

Active Directory

NTDS.dit Extraction in 2026: 4 Methods, 5 SIEM Rules, 1 Domain at Stake

Domain hash extraction is the de-facto endgame of an AD-focused engagement. Four methods red-teamers actually use — DCSync, VSS+ntdsutil, SAM hive pivot,…

Apr 25, 2026 · 6 min read

Red Teaming

Bypassing AppLocker and WDAC with LOLBins: A 2026 Field Guide

Microsoft signs hundreds of binaries that ship with Windows. Many can execute arbitrary code under AppLocker. This is the practitioner's catalogue of…

Apr 25, 2026 · 6 min read

Active Directory

Pass-the-Hash in 2026: Why Microsoft’s Mitigations Aren’t Enough

Pass-the-Hash is a 1997 attack that should have died in 2014. It still works in most Indian enterprise environments because the mitigations…

Apr 25, 2026 · 6 min read

Active Directory

7 BloodHound Cypher Queries That Find Real AD Privilege Paths (Not the Default Ones)

Default BloodHound queries miss 80% of the real privilege chains in your Active Directory. Seven custom Cypher queries — for sessions, custom-group…

Apr 25, 2026 · 8 min read

Active Directory

Kerberoasting in 2026: Why It Still Works in 80% of Indian AD Environments

Kerberoasting is a 2014 attack still cracking service-account passwords in 80% of Indian enterprise pentests. Why it persists, how to execute it…

Apr 25, 2026 · 8 min read