Research & Content

Ethical Hacker's
Workshop Series

Purple team education for practitioners, defenders, and security leaders. Each episode covers the attack, the detection, and the business impact.

// Featured Tool Release
AD
Arsenal
Red Team Active Directory Open Source
Red Team Active Directory Tools Open Source
Building an Interactive Active Directory Attack Reference from Real Lab Experience
12 attack categories, ~80 techniques, copy-able commands, and operational gotchas from real engagements and HTB labs. Two self-contained HTML tools: AD Arsenal (reference) and AD Mind Map (radial navigation). No build step, no dependencies.
AD / ADCS  ·  Apr 2026 Read More →
EHWS Episodes
Red Team Blue Team Business
EHWS E01: Kerberoasting — Enterprise Readiness Validation
Step-by-step domain compromise via Kerberoasting paired with event-level detection engineering and an executive brief. Would your SIEM catch this?
T1558.003  ·  Mar 2026
Red Team Blue Team
EHWS E02: AS-REP Roasting
Coming soon — pre-auth disabled accounts, offline cracking, and SIEM detection rules.
T1558.004  ·  Coming Soon
Red Team Blue Team
EHWS E03: NTLM Relay + ADCS ESC8
Coming soon — WebDAV coercion, ntlmrelayx, and certificate enrollment abuse.
T1557.001  ·  Coming Soon
Open Source Tools
⚔️
AD Arsenal
Standalone HTML reference covering 12 AD attack categories with ~80 techniques. Copy-able commands, severity ratings, and operational gotchas from real engagements.
View Post →
🗺️
AD Mind Map
Interactive radial mind map of 79 AD technique nodes. Click any leaf to jump directly to the reference card. Self-contained HTML, no dependencies.
Open Tool →
GitHub — ethicalsoup
All offensive security tooling, AD assessment scripts, and purple team resources. Public repos updated as new techniques are validated in labs.
github.com/ethicalsoup →
LinkedIn
Security content, engagement updates, and industry insights. Regular posts on AD security, red team operations, and detection engineering.
@mark-wharton-ethicalsoup →