Top 10 Blogs of 2025

We have had quite the year with our blog and wanted to spotlight some of the outstanding content our security consultants have written in 2025. The Security Blog is where our experts divulge their technical know-how, provide security guidance, keep the world updated on the latest threats, and sometimes walk us through just-for-fun hacks. Everyone has a year-end list, and this is ours.

This year, we published some of our most thought-provoking and useful blogs ever! Here are our top 10 most read blogs of 2025:

1. Kubernetes for Pentesters: Part 1 by Kelsey Segrue
2. Red Team Gold: Extracting Credentials from MDT Shares by Oddvar Moe
3. Hack-cessibility: When DLL Hijacks Meet Windows Helpers by Oddvar Moe
4. Operating Inside the Interpreted: Offensive Python Techniques by Kevin Clark
5. WSUS Is SUS: NTLM Relay Attacks in Plain Sight by Austin Coontz
6. MCP: An Introduction to Agentic Op Support by Brandon McGrath
7. Command Line Underdog: WMIC in Action by Oddvar Moe
8. Detecting Active Directory Password-Spraying with a Honeypot Account by Sean Metcalf
9. CVE-2025-1729 - Privilege Escalation Using TPQMAssistant.exe by Oddvar Moe
10. Abusing Windows Built-in VPN Providers by Christopher Paschen

Thank you for reading our blogs this year. We hope you found them useful and fun. Stay tuned to see what 2026 will look like for The Security Blog!