- Papercut Print Logger
- XSS and Deserialization Chain Attack
- Decyrpting Admin password using DNSpy debug
- HTA Handler RCE (CVE-2017-0199)
- LSA Secrets
- AD Recycle Bin
- Eternal Blue
- Eternal Blue - Exploits
- Powershell Web Access
- Kerberoasting using Powershell
- Hashes
- ManageEngine Service Desk Plus (SDP)
- DPAPI (Data Protection API)
- Kerberoasting - Impacket
- Kerberoasting - Rubeus
- AS-REP Roasting using Impacket
- Malicious DLL Injection
- Insecure Dynamic DNS Updates
- Extracting creds from AD Connect
- Zipped LNK files over SMB
- Malicious SCF File Upload
- IIS