Lateral Movement

Abusing Group Policy Objects for Privilege Escalation and Lateral Movement

How attackers weaponize editable Group Policy Objects with SharpGPOAbuse and GPP cpassword, plus blue-team detection and hardening.

Active Directory

Lateral Movement and Persistence with WMI

How attackers abuse WMI for remote code execution and stealthy persistence, plus the detection and defenses blue teams need.

Windows Privesc