HackTheBox Blazorized [WriteSPN Kerberoasting + DC session pirvesc + DCSync hash dump + Bloodhound-CE](link is external) fdvoid0's blog
HackTheBox Mist [CVE-2024-9405 + PetitPotam Attack + shadow credential + s4u impersonat + reading GMSA password + abusing AddKeyCredentialLink + exploiting ADCS ESC 13 twice](link is external) fdvoid0's blog