The best way to learn for me, is to create small talks/slides/posts about what I want to investigate. Here I will post the material I did on this journey. Of course everything I have learned here, someone has discovered it before, SO –> thanks to the researchers and colleagues of infosec for the great work that helps me every day to improve my pentesting skills, in each post/slides you will find the references on which I have based.
AWS pentest, Identity and Access Management (IAM)
Active Directory Certificate Services abuse
Active Directory Certificate Services Abuse
Shadow Credentials
AD Persistence methods - Shadow Credentials