3 articles
A structured guide to modern Windows attack techniques — BYOVD EDR evasion, LOLBins, invisible character injection, ClickFix delivery, NTFS steganography, and C2 over trusted cloud services. How they work, how to detect them.
A step-by-step debrief of a real-world red team engagement — from passive OSINT through AiTM phishing, EDR evasion, and ADCS exploitation to full domain compromise. What worked, what didn't, and what would have stopped us.
LSASS credential dumping is one of the most reliable post-exploitation techniques. Survey of methods from MiniDump to direct syscalls and custom loaders, with detection logic and Sysmon rules for each approach.