An Offensive Security Bloghttps://alittleinsecure.com/https://alittleinsecure.com/raiding-unraid/https://alittleinsecure.com/raiding-unraid/Chaining a stored cross-site scripting vulnerability in the Unraid web GUI into full hypervisor host takeover.Thu, 18 Sep 2025 00:01:13 GMThttps://alittleinsecure.com/files-that-coerce-search-connectors-and-beyond/https://alittleinsecure.com/files-that-coerce-search-connectors-and-beyond/Abusing Windows file formats like search connectors and library files to coerce forced authentication and relay it across Active Directory.Wed, 06 Nov 2024 22:15:13 GMThttps://alittleinsecure.com/dns-hijacking-say-my-name/https://alittleinsecure.com/dns-hijacking-say-my-name/Techniques for taking over and manipulating Windows DNS records without credentials to coerce and relay NTLM and Kerberos authentication.Sat, 17 Feb 2024 15:21:29 GMT