blog category
Industry Insights
Industry Insights
Getting the Most Value Out of the OSCP: The PEN-200 Course
TL;DR In this second post of a five-part series, I provide advice on how to best...
By: Kieran Croucher
Mar 4, 2025 • 15 min read
Read Post
Industry Insights
Getting the Most Value Out of the OSCP: Pre-Course Prep
TL;DR The first post in a five-part practical guide series on maximizing the professional, educational, and...
By: Kieran Croucher
Feb 12, 2025 • 20 min read
Read Post
Industry Insights
Entra Connect Attacker Tradecraft: Part 2
Now that we know how to add credentials to an on-premises user, lets pose a question:...
By: Daniel Heinsen
Jan 22, 2025 • 11 min read
Read Post
Industry Insights
Demystify Active Directory Certification Services (AD CS) Components
By: Youssef Kaiboussi
Dec 20, 2024 • 6 min read
Read Post
Industry Insights
Attacking Entra Metaverse: Part 1
This is part one in a two (maybe three…) part series regarding attacker tradecraft around the...
By: Daniel Heinsen
Dec 13, 2024 • 8 min read
Read Post
Industry Insights
PHISHING SCHOOL A Decade of Distilled Phishing Wisdom I decided to give away all of my phishing...
By: Forrest Kasler
Aug 21, 2024 • 5 min read
Read Post
Industry Insights
Hiding C2 With Stealthy Callback Channels Write a custom command and control (C2) implant — Check...
By: Forrest Kasler
Aug 14, 2024 • 12 min read
Read Post
Industry Insights
PHISHING SCHOOL Making Your Malware Look Legit to Bypasses EDR I wanted to write this blog about...
By: Forrest Kasler
Jul 30, 2024 • 8 min read
Read Post
Industry Insights
PHISHING SCHOOL How to Bypass EDR With Custom Payloads If endpoint detection and response (EDR) protections keep...