VulnLab: Baby2
Active Directory machine demonstrating SMB user enumeration, weak password reuse, writable logon script abuse, and GPO-based privilege escalation.
Password Spraying
VulnLab: Baby
Active Directory machine demonstrating anonymous LDAP enumeration, password reset abuse, SeRestorePrivilege execution, and manual NTDS extraction.
HTB: Cicada
Active Directory machine demonstrating exposed SMB data, credential reuse, and Backup Operators abuse to dump domain hashes.
HTB: Monteverde
Azure AD Connect misconfiguration leading to credential extraction and domain compromise.