Quick read of the day: Enterprise Offense: IT Operations [Part 1] – Post-Exploitation of Puppet and Ansible Servers. While not quite on the scale of pwning a full domain with AD, pwning the system that is allowed to make configuration changes at root level on many other systems is still a juicy target.