Authentication

Inside Kerberos: A Deep Dive into the Protocol Internals

A practical breakdown of Kerberos internals: AS-REQ, TGS-REQ, the PAC, and why RC4 vs AES etypes matter for attackers and defenders.

Active Directory

Authentication Bypass Techniques: Logic Flaws, SQLi, Weak Resets, and 2FA Bypass

A practical walkthrough of four authentication bypass classes — logic flaws, SQLi, weak password resets, and 2FA bypass — with detection and defense.

SecurityWeb Exploitation