| From Evidence to Advantage: Leveraging Incident Response Artifacts for Red Team Engagements | 8 | netbiosX | | | | |
| LeakedWallpaper: Leak of any user's NetNTLM hash. Fixed in KB5040434 | 7 | netbiosX | | | | |
| Kerberos OPSEC: Offense & Detection Strategies for Red and Blue Team - Part 2 : AS REP Roasting | 7 | -vzh- | | | | |
| Detect compromised RDP sessions with Microsoft Defender for Endpoint | 6 | netbiosX | | | | |
| Open Source C&C Specification | 6 | netbiosX | | | | |
| RustPatchlessCLRLoader: patchless techniques for bypassing ETW and AMSI across all threads to load .NET assemblies dynamically. | 6 | crowdstrike-intern | | | | |
| BloodHound Operator — Dog Whispering Reloaded | 5 | netbiosX | | | | |
| C2 Frameworks - Threat Hunting in Action with YARA Rules | 5 | netbiosX | | | | |
| Relay Your Heart Away: An OPSEC-Conscious Approach to 445 Takeover | 5 | netbiosX | | | | |
| Hybrid Attack Paths, New Views and your favorite dog learns an old trick | 4 | netbiosX | | | | |
