Shashi Kant Prasad

Fox-hooded figure at glowing monitors in a neon server room, symbolizing research into WebClient abuse and defensive controls.

An In-depth Exploration into WebClient Abuse

October 9, 2023

In red teaming, understanding the potential for lateral movement within a network is crucial. One method that attackers often use for this purpose is WebClient

Havoc C2 Framework

August 30, 2023

Havoc C2 has quickly become one of many peoples’ favorite open-source C2s. Its features offer everything you need to complete a pen test or red

Fox-hooded figure managing multiple servers and monitors, representing command and control (C2) frameworks in cybersecurity.

Introduction to C2 Frameworks

July 27, 2023

Command and Control (C2) frameworks have emerged as a sophisticated and consequential dimension in the ever-evolving cybersecurity landscape. These frameworks are commonly employed by threat

Fox-in-hoodie at workstation overlooking city — visual for a guide on Active Directory Certificate Services (AD CS) abuse and defensive controls.

Exploiting MS SQL Servers

July 18, 2023

As companies continue to rely on databases to store sensitive information, securing the data has become a top priority. MS SQL Server is a popular

Resource-Based Constrained Delegation (RBCD) Attack

July 15, 2023

Resource-Based Constrained Delegation (RBCD) is a feature introduced in Windows Server 2012 that allows administrators to configure which accounts are trusted to delegate on their

Fox in a red hoodie working at multiple glowing monitors surrounded by servers — symbolizing securing and monitoring Active Directory environments.

Maximizing Active Directory Security: Tips and Best Practices

July 8, 2023

Active Directory (AD) is integral to many organizations’ IT infrastructures, serving as the repository of user identities, computer accounts, and network resources. However, due to

How Weak Passwords in Active Directory Put Your Business at Risk

May 19, 2023

As a cybersecurity professional, I recognize the necessity of having a safe network for any business. Active Directory is an indispensable tool for managing resources;

The Importance of Regular Active Directory Security Audits

May 15, 2023

Organizations must give security of their IT infrastructure top priority in the current digital era, when cyber threats are growing more complex. The routine auditing

Kerberos Attacks- Part 1

December 21, 2022

As discussed in the Active Directory Basics blog, Kerberos is an authentication mechanism used to authenticate users and services. The two main components of Kerberos

IPV6 DNS Takeover

September 26, 2022

Even though the usage of IPv6 is gaining traction, it is rare to find an organization using it in its network. Most people do not

JWT Authentication Bypass

September 11, 2022

What are JWTs? JSON web tokens (JWTs) are a standardized format for sending cryptographically signed JSON data between systems. Theoretically, they can contain any kind