Kerberoasting: A Deep Dive into Service Account Attacks
A comprehensive analysis of Kerberoasting — how it works at the protocol level, detection opportunities, and hardening strategies for Active Directory environments.
Security Research & Analysis
Offensive thinking.
Offensive thinking.
Defensive expertise.
In-depth research on red team techniques, threat analysis, and blue team strategy. No fluff — only what matters.
Featured
Latest research
Archive
Recent posts
AirSnitch: How Attackers Silently Break Wi-Fi Client Isolation
AirSnitch bypasses Wi-Fi client isolation using four attack primitives — even on WPA3. Every router tested was vulnerable. Here's how it works and how to defend against it.
Agentic AI: The Enterprise Blind Spot That Attackers Already Found
AI agents that act autonomously on your behalf are already inside enterprise environments — and most security teams have no idea what they're doing. Here's what attackers exploit and how to fight back.
Your Local AI Is Listening — And So Is Everyone Else on Your Network
Ollama, LM Studio, Jupyter Notebook — you installed them for privacy, but they may be broadcasting your data to your entire network. Here's what's actually happening and how to fix it.
UPnP: The Hidden Door in Your Router That You Never Opened
UPnP lets apps silently open ports on your router without asking. It's enabled by default on almost every home router — and it has been exploited by botnets, malware, and remote attackers for decades. Here's what it is and how to turn it off.
Post-Quantum Cryptography: Why Your Encryption Will Break — And What To Do Before It Does
Quantum computers will crack today's encryption — and attackers are already stealing encrypted data to decrypt later. Here's what post-quantum cryptography means for everyone.
Starkiller: Inside Empire's C2 GUI — Red Team Playbook and Blue Team Detection
A technical deep dive into Starkiller and PowerShell Empire — how red teams deploy and operate it, and exactly how defenders can detect and disrupt it.