https://hexpysya.github.io/tags/powerview/Recent content in PowerView on bubka hacks stuffHugo -- gohugo.ioen-usMon, 16 Mar 2026 00:00:00 +0000https://hexpysya.github.io/blue_team/thm-phishing-unfolding/Mon, 16 Mar 2026 00:00:00 +0000https://hexpysya.github.io/blue_team/thm-phishing-unfolding/https://hexpysya.github.io/investigations/htb-ghosttrace/Sat, 31 Jan 2026 00:00:00 +0000https://hexpysya.github.io/investigations/htb-ghosttrace/Analyzed Windows Event Logs revealing a complete AD compromise chain: phishing email with macro-enabled document → credential dumping with Mimikatz → lateral movement via PsExec → DCSync attack → domain admin compromise → persistence via scheduled task, service, and registry run key.