Active Directory Kerberoasting: The Complete Guide to Mechanics, Attack, and Defense
A complete guide to Kerberoasting: how SPNs and TGS-REP enable offline cracking, plus detection and defense.
Red Team
Active Directory 
Security Abusing Windows Token Privileges: The Potato Attack Family
How service accounts with SeImpersonatePrivilege escalate to SYSTEM via JuicyPotato, PrintSpoofer, and RoguePotato, plus blue-team defenses.
Windows Privesc UAC Bypass Techniques: A Practical Overview of Auto-Elevation Abuse
A practical tour of Windows UAC bypass techniques abusing auto-elevating binaries, registry hijacks, and UACME, plus blue-team defenses.
Windows Privesc AMSI and Windows Defender Bypass: A Practical Primer
A hands-on primer on AMSI patching, reflection, obfuscation, and in-memory bypasses, with blue-team detection guidance.
Windows Privesc Named Pipe Impersonation: How Windows getsystem Really Works
A deep dive into ImpersonateNamedPipeClient and how named pipe impersonation powers Meterpreter's getsystem.