Red Teaming · 46 articles

Red Teaming

AD exploitation, lateral movement, persistence, defense evasion — MITRE ATT&CK aligned playbooks.

Active Directory

Kerberoasting in 2026: Why It Still Works in 80% of Indian AD Environments

Kerberoasting is a 2014 attack still cracking service-account passwords in 80% of Indian enterprise pentests. Why it persists, how to execute it…

Apr 25, 2026 · 8 min read
Active Directory

7 BloodHound Cypher Queries That Find Real AD Privilege Paths (Not the Default Ones)

Default BloodHound queries miss 80% of the real privilege chains in your Active Directory. Seven custom Cypher queries — for sessions, custom-group…

Apr 25, 2026 · 8 min read
Active Directory

Pass-the-Hash in 2026: Why Microsoft’s Mitigations Aren’t Enough

Pass-the-Hash is a 1997 attack that should have died in 2014. It still works in most Indian enterprise environments because the mitigations…

Apr 25, 2026 · 6 min read
Red Teaming

Bypassing AppLocker and WDAC with LOLBins: A 2026 Field Guide

Microsoft signs hundreds of binaries that ship with Windows. Many can execute arbitrary code under AppLocker. This is the practitioner's catalogue of…

Apr 25, 2026 · 6 min read
Active Directory

NTDS.dit Extraction in 2026: 4 Methods, 5 SIEM Rules, 1 Domain at Stake

Domain hash extraction is the de-facto endgame of an AD-focused engagement. Four methods red-teamers actually use — DCSync, VSS+ntdsutil, SAM hive pivot,…

Apr 25, 2026 · 6 min read
Active Directory

Golden vs Silver vs DCShadow: Which Persistence Wins (Defender’s View 2026)

Three post-Domain-Admin persistence techniques, compared from the defender's lens — operational profile, what each leaves behind, what detects each, and which one…

Apr 25, 2026 · 6 min read
1 3 4 5