https://blog.it-learn.io/tags/red-team/Recent content in Red-Team on it-learn.io | IT, Networking & Cybersecurity BlogHugoen-usWed, 15 Apr 2026 00:00:00 +0000https://blog.it-learn.io/posts/2026-04-15-pass-the-hash-why-the-hash-is-as-good-as-the-password/Wed, 15 Apr 2026 00:00:00 +0000https://blog.it-learn.io/posts/2026-04-15-pass-the-hash-why-the-hash-is-as-good-as-the-password/<p>Pass-the-Hash (PtH) is arguably the most impactful lateral movement technique in Windows environments. It transforms credential access into network-wide compromise without requiring password cracking, works across the majority of enterprise network services, and has been a core component of some of the most destructive cyberattacks in history — including NotPetya and numerous ransomware operations. Understanding its mechanics is prerequisite to understanding why so many Active Directory environments remain vulnerable despite years of awareness.</p>https://blog.it-learn.io/posts/2026-04-14-kerberoasting-stealing-service-tickets-to-crack-passwords/Tue, 14 Apr 2026 00:00:00 +0000https://blog.it-learn.io/posts/2026-04-14-kerberoasting-stealing-service-tickets-to-crack-passwords/<p>Kerberoasting is one of the most reliably effective Active Directory attack techniques: it requires only a valid domain account, leaves minimal traces by default, and yields plaintext service account credentials that often grant significant lateral movement opportunities. Unlike many AD attacks that require elevated access or interaction with specific hosts, Kerberoasting operates entirely through legitimate Kerberos protocol requests — making it difficult to block without fundamentally changing service account management practices.</p>