Skip to content
View WNobsi's full-sized avatar

Block or report WNobsi

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
WNobsi/README.md

Nobex Wahengbam

Offensive Security • Active Directory • Penetration Testing

Building enterprise Active Directory labs, simulating realistic attack paths, and producing professional offensive security documentation.


About Me

Focuesed as Offensive Security professional with a background in IT Support, transitioning into Internal Network Penetration Testing.

My primary focus is building realistic enterprise Active Directory environments, performing offensive security assessments, documenting methodologies, and understanding attacks from both the offensive and defensive perspectives.

Current Focus

  • Active Directory Security
  • Internal Network Penetration Testing
  • Windows Enterprise Security
  • Red Team Methodologies
  • Privilege Escalation
  • Professional Penetration Test Reporting

Enterprise Active Directory Lab

An ongoing enterprise lab that simulates a corporate Active Directory environment.

Infrastructure

  • Windows Server 2022 Domain Controller
  • Windows 10 Enterprise Clients
  • Kali Linux Attacker
  • Active Directory Domain
  • DNS
  • DHCP
  • SMB
  • LDAP
  • Kerberos
  • NTLM

Current Attack Path Progress

Status Topic


✅ LLMNR Poisoning ✅ SMB Relay 🚧 BloodHound Enumeration 🚧 Kerberoasting 🚧 AS-REP Roasting ⏳ Pass-the-Hash ⏳ ACL Abuse ⏳ Delegation Attacks ⏳ DCSync ⏳ Golden Ticket


Featured Projects

  • Enterprise Active Directory Home Lab
  • Active Directory Attack Series
  • Internal Penetration Testing Write-ups
  • Windows & Linux Enumeration
  • Professional Reporting
  • Python Security Automation (Coming Soon)

Philosophy

I focus on understanding why an attack works, how it is executed in enterprise environments, how defenders detect it, and how to document findings in a professional consulting style.


Goals (2026)

  • Earn PJPT
  • Secure my first Offensive Security role
  • Continue expanding the Active Directory Attack Series
  • Build reusable offensive security tooling
  • Publish high-quality penetration testing documentation

"Learning offensive security through practical enterprise lab environments, professional documentation, and continuous improvement."

Pinned Loading

  1. Active-Directory-Home-Lab-Setup Active-Directory-Home-Lab-Setup Public

  2. TCM-Academy-Machine-Walkthrough TCM-Academy-Machine-Walkthrough Public

    A detailed walkthrough of the Academy (TCM) machine covering the complete penetration testing lifecycle—from reconnaissance and enumeration to exploitation, privilege escalation, and root compromis…

  3. TCM-BlackPearl-Machine-Walkthrough TCM-BlackPearl-Machine-Walkthrough Public

    BlackPearl walkthrough from the TCM Security Practical Ethical Hacking lab, documenting a methodology-driven penetration test from reconnaissance to root compromise. Covers enumeration, web exploit…

  4. TCM-Butler-Machine-Walkthrough- TCM-Butler-Machine-Walkthrough- Public

    A detailed walkthrough of the VulnHub Butler machine demonstrating a full attack chain from Jenkins credential compromise to NT AUTHORITY\SYSTEM access through Groovy RCE and an Unquoted Service Pa…

  5. TCM-Dev-Machine-Walkthrough TCM-Dev-Machine-Walkthrough Public

    A detailed penetration testing walkthrough of the Dev machine from TCM Security's VulnHub series. This writeup covers the complete attack chain from reconnaissance and enumeration to exploitation, …

  6. LLMNR-Poisoning-Active-Directory-Attack-Vectors LLMNR-Poisoning-Active-Directory-Attack-Vectors Public

    A hands-on walkthrough of performing LLMNR Poisoning in an Active Directory Home Lab. Learn how Responder captures NTLMv2 challenge-response hashes, crack them with Hashcat, understand the attack w…