<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>posts on root@j0su</title><link>https://josupalacios99.github.io/blog/en/posts/</link><description>Recent content in posts on root@j0su</description><generator>Hugo</generator><language>en-US</language><copyright>2026 root@j0su · think like the adversary</copyright><lastBuildDate>Mon, 13 Jul 2026 10:00:00 +0200</lastBuildDate><atom:link href="https://josupalacios99.github.io/blog/en/posts/index.xml" rel="self" type="application/rss+xml"/><item><title>Which offensive security service do you need? A maturity guide</title><link>https://josupalacios99.github.io/blog/en/posts/que-servicio-de-seguridad-ofensiva-necesitas/</link><pubDate>Mon, 13 Jul 2026 10:00:00 +0200</pubDate><guid>https://josupalacios99.github.io/blog/en/posts/que-servicio-de-seguridad-ofensiva-necesitas/</guid><description>Vulnerability Assessment, Pentest, Red Team, BAS, physical intrusion, ransomware simulation… It&amp;rsquo;s not a menu where you pick the flashiest dish: it&amp;rsquo;s a staircase. This guide helps you figure out which step you&amp;rsquo;re on and what makes sense to hire right now.</description></item><item><title>Red Teaming: think like the adversary to anticipate the threat</title><link>https://josupalacios99.github.io/blog/en/posts/red-teaming-pensar-como-el-adversario/</link><pubDate>Mon, 06 Jul 2026 00:10:00 +0200</pubDate><guid>https://josupalacios99.github.io/blog/en/posts/red-teaming-pensar-como-el-adversario/</guid><description>What Red Teaming is (and what it isn&amp;rsquo;t), how it differs from a vulnerability assessment and a pentest, when it makes sense, and how its success is measured.</description></item><item><title>ntlmrelayx and ADCS: when the certificate arrives but doesn't work</title><link>https://josupalacios99.github.io/blog/en/posts/adcs-ntlmrelayx-sid-extension/</link><pubDate>Tue, 30 Jun 2026 10:00:00 +0200</pubDate><guid>https://josupalacios99.github.io/blog/en/posts/adcs-ntlmrelayx-sid-extension/</guid><description>ADCS relay with ntlmrelayx generates certificates that certipy v5 rejects with &amp;lsquo;Object SID mismatch&amp;rsquo;. The root cause is KB5014754: modern DCs require the certificate to contain the user&amp;rsquo;s SID in a Microsoft-proprietary extension. ntlmrelayx doesn&amp;rsquo;t include it. Here&amp;rsquo;s why and how to fix it.</description></item><item><title>ADWS: enumerating Active Directory through the back door</title><link>https://josupalacios99.github.io/blog/en/posts/adws-enumeracion-sigilosa-active-directory/</link><pubDate>Thu, 18 Jun 2026 10:00:00 +0200</pubDate><guid>https://josupalacios99.github.io/blog/en/posts/adws-enumeracion-sigilosa-active-directory/</guid><description>Almost all Active Directory enumeration goes through LDAP (389/636), which is precisely the most watched channel in the domain. ADWS is a side door on port 9389 that accepts the same LDAP queries but is barely monitored. How it works under the hood, why its OPSEC is so good, and why it isn&amp;rsquo;t invisible.</description></item><item><title>Veeam Backup: from the organization's safeguard to the attacker's master key</title><link>https://josupalacios99.github.io/blog/en/posts/veeam-backup-llave-maestra/</link><pubDate>Mon, 05 May 2025 09:57:36 +0000</pubDate><guid>https://josupalacios99.github.io/blog/en/posts/veeam-backup-llave-maestra/</guid><description>Veeam Backup: what would happen if this protection solution became the entry point for a malicious actor? Two approaches to dump the SAM and extract DPAPI master keys while evading AV/EDR, using Veeam as a pivot toward critical services.</description></item></channel></rss>