Real Attacks & Clean Notes. Learn By Doing.

Reproducible AD & Web attacks with copy/paste commands, artifacts, and detection ideas. Built for clipboard speed and exam-ready evidence.

I’m Ivan Dokolyakov CPTS . I write reproducible offensive write-ups and tool-driven playbooks with commands, artifacts, and detection ideas.

About me

Active Directory • Web Exploitation • Playbooks • Reporting

Actionable Offensive
Security Write-ups & Playbooks

Browse Playbooks

Start here

Active Directory Attack Paths

Kerberoast, PtT/PtH, AD CS, DCSync, pivoting.

Web App Exploitation

SQLi, XSS, File Uploads, XXE, auth bypass.

Reporting & Exams

SysReptor, evidence, walkthroughs, tips.

Latest write-ups

Sign up for my blog! It's free and you'll receive the following types of content:

  • Reproducible steps for the latest HTB retired machines. Exact commands, inputs & outputs, artifacts you can verify.
  • Exam-ready flows. AD & Web chains from foothold to objectives.
  • Latest exploits & vulnerabilities, explained. What are the latest exploits and vulnerabilities?
  • Trending tools. Windows & Linux tools (no bias).
  • Small, focused posts. No fluff — one concept per write-up.

Topics