Skip to content
  • Twitter
  • Github

root@Hausec

S P E C T E R O P S

  • Articles
    • Kerberosity Killed the Domain: An Offensive Kerberos Overview
    • Attacking Azure, Azure AD, and Introducing PowerZure
    • Offensive Lateral Movement
    • Penetration Testing Active Directory, Part I
    • Penetration Testing Active Directory, Part II
    • Yet Another OSCP Exam Blog Post
  • Cheatsheets
    • Pentesting Cheatsheet
    • BloodHound Cypher Cheatsheet
    • CypherDog Cheatsheet
  • Penetration Testing Tutorials & Write-Ups
    • Windows Privilege Escalation via Unquoted Service Paths
    • Simple Buffer Overflows (x32)
    • Domain Penetration Testing
      • Penetration Testing Active Directory, Part I
      • Penetration Testing Active Directory, Part II
      • Active Directory Assessment and Privilege Escalation Script 2.0
      • Domain Penetration Testing: Credential Harvesting via LLMNR Poisoning
      • Domain Penetration Testing: Privilege Escalation via Group Policy Preferences (GPP)
      • Domain Penetration Testing: Using BloodHound, Crackmapexec, & Mimikatz to get Domain Admin
        • Using Bloodhound to Map the Domain
      • How to set up ntlmrelayx.py
    • Vulnhub Write-ups
      • Kioptrix Level 2
      • Lord of the Root
      • Mr.Robot
      • Pwnlab_Init
      • PwnOS
      • SickOS
      • SickOS 2
      • Tr0ll
      • Tr0ll 2
      • Vulnix
    • Web Pentesting Write-Ups
      • XSS
        • Reflective XSS via String Injection
        • Bypassing JavaScript Client-side Validation
        • Bypassing JavaScript input validation
      • SQLInjections
        • UNION-Based
        • XSS With SQLi
        • SQLMap & GET Requests
    • Other Tutorials
      • How to set up Fuzzbunch (Shadowbroker’s Dump/NSA Tools)
      • Using ETERNALBLUE & DOUBLEPULSAR (Shadowbroker’s Dump/NSA Tools)
      • Using Bloodhound to Map the Domain
      • How to set up ntlmrelayx.py
  • About

BloodHound Cypher Cheatsheet

Kerberosity Killed the Domain: An Offensive Kerberos Overview

Attacking Azure, Azure AD, and Introducing PowerZure

Offensive Lateral Movement

Penetration Testing Active Directory, Part I

Penetration Testing Active Directory, Part II

Create a website or blog at WordPress.com