elswix.com
Welcome to my personal blog!
Latest Articles
Active Directory: DACL Abuse
Today, we'll explore the exploitation of insecure ACEs within the DACL of users and groups in an Active Directory environment.
Read more
Active Directory: Windows ACLs
Today, we’ll explore the fundamentals of ACLs in Windows and later demonstrate common attacks that exploit ACL misconfigurations in an Active Directory environment.
Read more
Active Directory: Attacking Kerberos
Today, we'll explore the exploitation of an AD environment, demonstrating how to carry out these attacks and apply the Kerberos Authentication Protocol in real-world exploitation scenarios.
Read more
Active Directory: Understanding Kerberos Authentication Protocol
In this article, we will dive into the theoretical foundations of Kerberos, explaining its core components, how the authentication process works.
Read moreLatest WriteUPs
Rebound - HTB
Rebound is an insane difficulty machine on HackTheBox. Initially, we'll exploit RID brute force to obtain a list of valid users on the Domain Controller. One of these users is vulnerable to...
Read more
Analytics - HTB
Analytics is an easy machine on HackTheBox. Firstly, we'll exploit a vulnerable version of Metabase to achieve command execution on the victim machine...
Read more
Manager - HTB
Manager is a medium-difficulty machine on HackTheBox. Initially, we'll abuse the guest session to perform a RID Bruteforce attack to identify...
Read more