RansomHub TTPs: How the Group Replaced ALPHV in LATAM Operations
Analysis of RansomHub's affiliate program structure, initial access techniques, and targeting patterns observed in Latin American organizations during Q1 2026.
Attack techniques, adversary analysis, and defensive guidance from our red team operators and threat intelligence analysts.
A comprehensive deep dive into Active Directory Certificate Services misconfigurations. We cover every ESC scenario discovered by SpecterOps and beyond, with PoC code, detection opportunities, and real-world exploitation chains we've used in red team engagements.
Step-by-step walkthrough of how a single misconfigured S3 bucket policy combined with IMDS access leads to full AWS account takeover.
How adversary-in-the-middle phishing frameworks defeat hardware tokens, authenticator apps, and conditional access policies in real engagements.
Techniques for blending C2 communications into legitimate business traffic using HTTP/2, DNS-over-HTTPS, and malleable profiles — and how defenders can detect them.
A responsible disclosure review of evasion primitives that remain effective against modern EDR solutions, with corresponding detection guidance for defenders.
Practical breakdown of Chile's new data protection law — key obligations, timelines, penalties, and the technical controls required for compliance.