Autopsies

System autopsies — forensic walk-throughs of how real systems failed, from initial foothold to full compromise.

Blackfield: When Operational Accounts Become Domain Keys 2026-05-05 — A system autopsy of HackTheBox Blackfield — examining how a misconfigured SMB share, disabled Kerberos pre-authentication, an overpermissive ACL, and a backup service account combined to expose every credential in a domain controller.
Gavel: Trust Boundary Collapse in Dynamic SQL Logic 2026-01-28 — A system autopsy examining how dynamic SQL construction in an internal auction platform invalidated PDO security assumptions and enabled credential disclosure.