Pirate - HTB
Windows Active Directory challenge centered on delegation, Kerberos, and privilege escalation workflows.
Valid User (No Password)
Valid User (No Password) techniques and commands for Active Directory security assessment.
Trusts
Trusts techniques and commands for Active Directory security assessment.
SCCM
SCCM techniques and commands for Active Directory security assessment.
Hercules - HTB
Insane Windows AD chain featuring LDAP injection, forged ASP.NET auth cookies, file-based hash capture, ADCS abuse, and RBCD to full domain compromise.
Crack Hash
Crack Hash techniques and commands for Active Directory security assessment.
Conversor - HTB
Easy Linux box abusing XSLT injection to write a cron-executed script, then harvesting local SQLite creds and escalating via needrestart.
DarkZero - HackTheBox Writeup
An Active Directory–based pentest scenario involving MSSQL pivoting, Kerberos abuse, and privilege escalation via CVE-2024-30085.