Red Teaming
AD exploitation, lateral movement, persistence, defense evasion — MITRE ATT&CK aligned playbooks.
Kerberoasting in 2026: Why It Still Works in 80% of Indian AD Environments
Kerberoasting is a 2014 attack still cracking service-account passwords in 80% of Indian enterprise pentests. Why it persists, how to execute it…
Active Directory7 BloodHound Cypher Queries That Find Real AD Privilege Paths (Not the Default Ones)
Default BloodHound queries miss 80% of the real privilege chains in your Active Directory. Seven custom Cypher queries — for sessions, custom-group…
Active DirectoryPass-the-Hash in 2026: Why Microsoft’s Mitigations Aren’t Enough
Pass-the-Hash is a 1997 attack that should have died in 2014. It still works in most Indian enterprise environments because the mitigations…
Red TeamingBypassing AppLocker and WDAC with LOLBins: A 2026 Field Guide
Microsoft signs hundreds of binaries that ship with Windows. Many can execute arbitrary code under AppLocker. This is the practitioner's catalogue of…
Active DirectoryNTDS.dit Extraction in 2026: 4 Methods, 5 SIEM Rules, 1 Domain at Stake
Domain hash extraction is the de-facto endgame of an AD-focused engagement. Four methods red-teamers actually use — DCSync, VSS+ntdsutil, SAM hive pivot,…
Active DirectoryGolden vs Silver vs DCShadow: Which Persistence Wins (Defender’s View 2026)
Three post-Domain-Admin persistence techniques, compared from the defender's lens — operational profile, what each leaves behind, what detects each, and which one…