Microsoft

Chasing the Ghost in the Log: A Deep Dive into CVE-2026-20820 featured image
CVE

Chasing the Ghost in the Log: A Deep Dive into CVE-2026-20820

Microsoft called it a heap overflow; my debugger said otherwise. Follow my journey from a Bindiff mismatch to a kernel-mode OOB write in clfs.sys

avatar
Baptiste Crépin
Read more
Have You Looked in the Trash? Unearthing Privilege Escalations from the Active Directory Recycle Bin featured image
BloodyAD

Have You Looked in the Trash? Unearthing Privilege Escalations from the Active Directory Recycle Bin

How overlooked objects in AD's Recycle Bin can become a goldmine for attackers—and what defenders need to know

avatar
Baptiste Crépin
Read more
Performing AD LDAP Queries Like a Ninja featured image
BloodyAD

Performing AD LDAP Queries Like a Ninja

Strategies to minimize logging generation, and methods to enhance logging efficiency

avatar
Baptiste Crépin
Read more
BitLocker enabled. Are you really protected? featured image
BitLocker

BitLocker enabled. Are you really protected?

Review of the current security level brought by BitLocker against data theft

avatar
Baptiste Crépin
Read more
Implementing S/MIME with Exchange Online and OWA featured image
Microsoft

Implementing S/MIME with Exchange Online and OWA

Implementing S/MIME with Exchange Online and OWA for secure email communications

avatar
Baptiste Crépin
Read more
Exploiting Certifried (CVE-2022-26923) featured image
Authentication

Exploiting Certifried (CVE-2022-26923)

Discover how to exploit the certifried vulnerability easily with bloodyAD.

Soka
Read more
Playing with Kerberos featured image
Authentication

Playing with Kerberos

Take full control of the Kerberos protocol on Active Directory using bloodyAD.

avatar
Baptiste Crépin
Read more
Certificate authentication dug up featured image
Authentication

Certificate authentication dug up

Leverage certificate-based authentication power on Active Directory environment.

avatar
Baptiste Crépin
Read more