Bloodstiller: Ethical Hacking & Active Directory Security Blog

Articles

Jun 26, 2025 Mixing Unstable Packages on Stable NixOS with Flakes
Jun 24, 2025 Understanding OWASP Secure Headers: HTTP Security Headers & Best Practices
Jun 20, 2025 Common Vulnerability Scoring System (CVSS) - Complete Guide for Security Professionals
Apr 24, 2025 Understanding PowerShell Download Cradles: A Deep Dive
Nov 15, 2024 Understanding AS-REP Roasting Attacks: A Deep Dive
Nov 5, 2024 Understanding CVE-2023-28252: Deep Dive into the CLFS Privilege Escalation Vulnerability
Nov 5, 2024 Understanding CVE-2023-38146: Deep Dive into the ThemeBleed Vulnerability
Oct 22, 2024 Understanding the CUPS Exploit Chain: A Deep Dive into CVE-2024-4176, CVE-2024-4175, CVE-2024-4177 and CVE-2024-4076
Oct 21, 2024 Understanding the NoPac Exploit: A Deep Dive into CVE-2021-42278 and CVE-2021-42287
Oct 20, 2024 Understanding SeLoadDriverPrivilege Escalation: A Deep Dive
Oct 14, 2024 Understanding Azure AD Connect Exploitation & Privilege Escalation
Oct 11, 2024 Understanding the Shadow Credentials Attack Vector
Oct 10, 2024 Understanding .NET Deserialization Exploits: A Deep Dive

Tools

Jun 20, 2025 CVSS v3.1 Calculator: Interactive Base Score Calculator for Security Professionals
Feb 3, 2025 Automating Kali Linux VM Setup: A Comprehensive Guide to QEMU and Ansible Integration
Nov 13, 2024 LDAPire: Advanced Active Directory Enumeration Tool
Oct 17, 2024 BloodServer: A Secure File Transfer Tool for Penetration Testing

Walkthroughs

Jun 18, 2025 Jeeves HTB Walkthrough: Jenkins RCE, KeePass Cracking, and ADS Flag Discovery
Jun 2, 2025 Strutted HTB Walkthrough: Apache Struts2 CVE-2024-53677 File Upload Exploitation
May 26, 2025 EscapeTwo HTB Walkthrough: ESC4 Certificate Abuse and Shadow Credentials Attack
May 23, 2025 Cap HTB Walkthrough: PCAP Analysis, Linux Capabilities, and Linux Privilege Escalation
May 20, 2025 LinkVortex HTB Walkthrough: Ghost CMS, Git Dumping, and TOCTOU Exploitation
Apr 30, 2025 Bastion HTB Walkthrough: Windows Server Exploitation through SMB Guest Access and VHD Mounting
Apr 25, 2025 Jab HTB Walkthrough: XMPP, DCOM, and OpenFire Exploitation
Apr 22, 2025 Administrator HTB Walkthrough: DACLs, ACL Abuse, and AS-REPRoasting
Apr 22, 2025 SolarLab HTB Walkthrough: OpenFire Exploitation and Python ReportLab
Jan 12, 2025 RedPanda HTB Walkthrough: Spring Boot, SSTI, and Privilege Escalation
Dec 26, 2024 Sau HTB Walkthrough: SSRF, CVE-2023-27163, and CVE-2023-26604 Exploitation
Dec 24, 2024 Love HTB Walkthrough: SSRF, File Upload, and AlwaysInstallElevated Exploitation
Dec 22, 2024 Editorial HTB Walkthrough: SSRF, Git History Analysis, and GitPython RCE
Dec 21, 2024 Doctor HTB Walkthrough: SSTI, Log Analysis, and Splunk Universal Forwarder Exploitation
Nov 15, 2024 Forest HTB Walkthrough: Active Directory, ASREPRoasting, and DCSync Exploitation
Nov 12, 2024 Driver HTB Walkthrough: SCF File Exploitation and PrintNightmare Privilege Escalation
Nov 11, 2024 Timelapse HTB Walkthrough: Active Directory, LAPS, and Certificate-Based Authentication
Nov 6, 2024 Certified HTB Walkthrough: Shadow Credentials, ESC9, and Certificate Abuse
Nov 5, 2024 Aero HTB Walkthrough: ThemeBleed and CLFS Exploitation
Nov 3, 2024 Sauna HTB Walkthrough: Active Directory, Kerberoasting, and PrintNightmare Exploitation
Nov 2, 2024 Active HTB Walkthrough: GPP, Kerberoasting, and Golden Ticket Attacks
Nov 1, 2024 Cicada HTB Walkthrough: Active Directory Enumeration and SeBackupPrivilege Exploitation
Oct 31, 2024 Authority HTB Walkthrough: Certificate Abuse, PKINIT, and RBCD Attacks
Oct 22, 2024 EvilCUPS HTB Walkthrough: CUPS Exploitation and Print Queue Analysis
Oct 21, 2024 Resolute HTB Walkthrough: Active Directory, NoPac, and DCSync Exploitation
Oct 18, 2024 Fuse HTB Walkthrough: Active Directory, SeLoadDriverPrivilege, and Capcom Exploitation
Oct 16, 2024 Cascade HTB Walkthrough: AD Recycle Bin, VNC, and Ansible Vault Exploitation
Oct 14, 2024 Monteverde HTB Walkthrough: Azure AD Connect, SQL Server, and Credential Extraction
Oct 13, 2024 Outdated HTB Walkthrough: Active Directory, WSUS, and Follina Exploitation
Oct 9, 2024 Scrambled HTB Walkthrough: Active Directory, MSSQL, and .NET Deserialization Exploitation
Oct 5, 2024 Escape HTB Walkthrough: Certificate Template Abuse and MSSQL Exploitation
Oct 3, 2024 Hospital HTB Walkthrough: GhostScript, Selenium, and RoundCube Exploitation
Sep 29, 2024 Intelligence HTB Walkthrough: Active Directory, DNS, and Kerberos Constrained Delegation
Sep 22, 2024 Manager HTB Walkthrough: Active Directory, Certificate Authority, and ESC7 Exploitation
Sep 12, 2024 Access HTB Walkthrough: PST Files, LNK Exploitation, and Stored Credentials
Sep 9, 2024 Remote HTB Walkthrough: Active Directory, Umbraco, and SeImpersonatePrivilege Exploitation
Sep 6, 2024 Support HTB Walkthrough: Active Directory, RBCD, and MachineAccountQuota Exploitation
Sep 1, 2024 Return HTB Walkthrough: Active Directory, LDAP, and SeBackupPrivilege Exploitation

Sherlocks

Cheatsheets

Mar 17, 2025 Network Manager CLI Cheat Sheet
Mar 11, 2025 Common Docker Build Issues: A Comprehensive Troubleshooting Guide
Mar 11, 2025 Docker Image Security Analysis and Testing
Mar 11, 2025 How to Emulate Different Architectures in Docker
Mar 11, 2025 Transferring Docker Images via SCP
Mar 10, 2025 Docker Troubleshooting Guide: Comprehensive Solutions for Common Container Issues (2025)
Oct 16, 2024 Attacking LDAP: Deep Dive & Cheatsheet
Oct 16, 2024 Attacking RPC: Deep Dive & Cheat Sheet

Homelabs

Mar 12, 2025 Rebuilding My Homelab In NixOS (Part 5) Installing Docker & other tools on NixOS
Mar 10, 2025 How to Run Local LLMs with Ollama on AMD GPU (Complete Guide)
Mar 7, 2025 Rebuilding My Homelab In NixOS (Part 4) Decrypting boot early with initrd-ssh
Feb 28, 2025 Rebuilding My Homelab In NixOS (Part 3) Mounting A Secondary Drive At Boot
Feb 26, 2025 Rebuilding My Homelab In NixOS (Part 2) Enabling SSH Login in NixOS
Feb 23, 2025 Autostart Tailscale on NixOS system boot & rebuild
Feb 20, 2025 Rebuilding My Homelab In NixOS (Part 1) Creating the NixOS VM In Proxmox