Active Directory DCSync Attack and Defense: Abusing Directory Replication Rights
How DCSync abuses AD replication rights via DRSUAPI to dump credentials, and how blue teams can detect and stop it.
Credential Access
Active Directory 
Windows Privesc Dumping LSASS Memory: Techniques and Detection Evasion
A practical guide to dumping LSASS memory with comsvcs.dll, procdump, and nanodump, plus parsing with pypykatz and blue-team defenses.
Windows Privesc Abusing SeBackupPrivilege and SeRestorePrivilege for Windows Privilege Escalation
How attackers abuse SeBackupPrivilege/SeRestorePrivilege to dump SAM, SYSTEM, and ntds.dit, plus blue-team detection and defense.