Home » Tags

Acl-Abuse

HTB Certified Writeup — Shadow Credentials, ACL Chains & ADCS ESC9 (2026)

Assumed breach AD box. WriteOwner abuse on a group, double shadow credentials chain, and ADCS ESC9 certificate abuse to Domain Admin.

March 28, 2026 · 6 min

HTB Forest Writeup — AS-REP Roasting, BloodHound & DCSync (2026)

Second AD box. AS-REP Roasting with no creds, BloodHound attack path through 5 nested groups, ACL abuse to DCSync.

March 24, 2026 · 3 min