elswix.com
Welcome to my personal blog!
Latest Articles
Active Directory: Certificate Services (Part 2)
Today, we will delve into how **Certificate Mapping** works, which security measurements were implemented after the Certifried vulnerability and more.
Read more
Active Directory: Certificate Services (Part 1)
Today, we'll delve into Active Directory Certificate Services (ADCS). In this article, we'll cover fundamental concepts and later introduce exploitation techniques, as well as how to exploit them.
Read more
Active Directory: DACL Abuse
Today, we'll explore the exploitation of insecure ACEs within the DACL of users and groups in an Active Directory environment.
Read more
Active Directory: Windows ACLs
Today, we’ll explore the fundamentals of ACLs in Windows and later demonstrate common attacks that exploit ACL misconfigurations in an Active Directory environment.
Read moreLatest WriteUPs
Rebound - HTB
Rebound is an insane difficulty machine on HackTheBox. Initially, we'll exploit RID brute force to obtain a list of valid users on the Domain Controller. One of these users is vulnerable to...
Read more
Analytics - HTB
Analytics is an easy machine on HackTheBox. Firstly, we'll exploit a vulnerable version of Metabase to achieve command execution on the victim machine...
Read more
Manager - HTB
Manager is a medium-difficulty machine on HackTheBox. Initially, we'll abuse the guest session to perform a RID Bruteforce attack to identify...
Read more