Vulnlab | Baby2 - Logon Scripts, WriteDACL, Shadow Credentials & GPOs
This video is a walkthrough on Baby2, a vulnerable machine on Vulnlab that involves Password Spraying, Logon Scripts, WriteDACL, Shadow Credentials & GPOs. [ Timestamps ] 00:00 - Intro & General Enumeration 01:28 - Password Spraying 02:34 - Bloodhound & modifying a logon script 06:57 - Shell & more Bloodhound 09:07 - WriteDACL & Shadow Credentials 12:35 - GPOs [ Pentesting & Red Teaming Labs ] • https://vulnlab.com [ Discord ] • / discord [ Desktop ] • https://github.com/xct/kali-clean • https://www.yuumeiart.com/ [ About ] • https://vulndev.io • / xct_de • https://github.com/xct This is purely educational content - all practical work is done in environments that allow and encourage offensive security training.

▶︎
Vulnlab | Kaiju Part I - Initial Access via Filezilla & Escalating Privileges

▶︎
ASP, Windows Containers, Responder & NoPAC - Anubis @ HackTheBox

▶︎
HackTheBox - Blazorized (part 2) - iamalex.ro

▶︎
Vulnlab | Wutai: Account Operators, Trust Enumeration & Password Reuse

▶︎
Certipy and ADCSync attacks against Active Directory Certificate Services

▶︎
Vulnlab | Store - Node LFI, Node Debugging & using the ChromeDriver

▶︎
Don't Hang Up On AI Scammers. Do THIS Instead.

▶︎
Shor's Algorithm for Quantum Computing - Computerphile

▶︎
Using NMAP Like a Red Team Operator (OPSEC Matters!)

▶︎
Vulnlab | Reflection - MSSQL, Relaying, LAPS & ACL Misconfigurations

▶︎
DEF CON 32 - Inside the FBI’s Secret Encrypted Phone Company ‘Anom’ - Joseph Cox

▶︎
Vulnlab | Tea - Gitea CI/CD, LAPS v2, WSUS

▶︎
Data - Detailed Walkthrough - (Vulnlab!)

▶︎
Password Spraying, gMSA, ADIDNS & Constrained Delegation - Intelligence @ HackTheBox

▶︎
Subnet Mask - Explained

▶︎
Vulnlab | Ifrit - Intro, Initial Access & Enumeration

▶︎
Attacking AI - Jason Haddix - NDC Security 2026

▶︎
Active Directory, Reverse Engineering & Unintended Solutions - Pivotapi @ HackTheBox

▶︎
HackTheBox - Timelapse

▶︎
