About The Domain Diaries

Welcome to The Domain Diaries — a collection of real penetration testing stories, focused primarily on Active Directory environments.

What You’ll Find Here

• 🔓 Real engagement stories (anonymized, of course)
• 🎫 Kerberos attacks — Golden tickets, silver tickets, Kerberoasting
• 🔑 Credential harvesting — Pass-the-hash, NTLM relay, DCSync
• 🛤️ Lateral movement — How attackers pivot through networks
• 🛡️ Defense insights — What blue teams can learn from red team ops

Who Am I?

A pentester who’s seen things. Domain Admin things. I write about my experiences to help others learn — both attackers looking to improve their craft and defenders trying to understand the threats they face.

Disclaimer

All stories are from authorized penetration testing engagements. Names, companies, and identifying details have been changed. Don’t do illegal stuff. Get permission. Be ethical.

C:\> net user attacker /domain
The request will be processed at a domain controller...

Stay curious. Stay ethical.