OSINT: The Art of Discovering Everything About Anyone (Legally)
In a world where data never sleeps, every trace we leave online becomes a clue. OSINT — Open Source Intelligence — turns open information into…
Social Engineering: How Hackers Trick You Without Touching a Line of Code
You don’t need malware to hack someone — just a good story. From Kevin Mitnick’s classic tricks to today’s AI-powered scams, social engineering proves one…
The Ghosts of Exchange: Hidden Permissions Lurking in Active Directory
Even after uninstalling Exchange, traces of its deep integration with Active Directory remain — powerful groups, lingering ACLs, legacy attributes, and automation leftovers. Whether Exchange…
Lateral Movement in Azure AD: What Still Works in 2025
Despite improvements in Microsoft cloud security, lateral movement in hybrid Azure AD environments is still viable in 2025 — and often undetected.
Shadow Admins in Active Directory: The Privilege You Don’t See (Until It’s Too Late)
Shadow Admins are the privilege paths you’re not watching. These accounts don’t belong to Domain Admins, but they can take over your environment anyway —…
Something went wrong. Please refresh the page and/or try again.
Marco Nasta' Blog 