Red Teaming - Cyber Security Writeups

ART of Google Dorking – Turning Search Engines Into a Recon Weapon for Red Teaming & VAPT

February 5, 2026 · khukuririmal

In modern security assessments, researchers and pentesters rarely start with direct exploits, they start with gathering information. One of the most underestimated reconnaissance tools is sitting in front of everyone which is the Google Search engine. When used strategically, Google Dorking becomes an attack surface mapper, unintentionally exposing sensitive assets, internal systems, misconfigurations, credentials, backups, […]

Practical Guide to Subdomain Enumeration for Red Teaming

January 19, 2026 · khukuririmal

In reconnaissance, what you fail to enumerate is often what hurts the most. Subdomain enumeration is one of the most critical phases of reconnaissance in any Red Team Assessment. Missed subdomains often mean missed attack surfaces, such as forgotten admin panels, staging environments, internal APIs, or legacy services that were never meant to be exposed […]

The Power of Windows Native Command-Line Utilities in Active Directory Pentesting and Internal Red Teaming

January 3, 2026 · khukuririmal

Active Directory Pentesting has evolved significantly over the last few years. Gone are the days when attackers or red teamers could reliably depend on dropping Python tools, importing PowerShell scripts, or executing offensive scripts/tools without resistance. Modern enterprise environments are heavily defended with EDR, Microsoft Defender for Endpoint, AMSI, Attack Surface Reduction (ASR) rules, DLP […]

Nmap in Internal Networks: A Practical Port-Based Cheatsheet for VAPT & Red Teaming

December 26, 2025 · khukuririmal

Inside an enterprise network, the attack surface extends far beyond web servers and Active Directory. Switches, printers, scanners, remote administration tools, virtualization platforms, and legacy services often expose ports that are overlooked in traditional assessments.From a VAPT perspective, these services represent misconfigurations and exposure risks.From a Red Team perspective, they represent control points, stealthy footholds, […]

Red Teaming: The Art of Real-World Cyber Attack Simulation

December 13, 2025 · khukuririmal

In a world where cyber attacks are becoming more targeted, more organized, and more frequent, organizations can no longer rely solely on firewalls, compliance checklists, and antivirus software. Real attackers don’t follow rules — they follow opportunities. This is why Red Teaming has become one of the most valuable and realistic security practices in the […]