<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>ldap on root@j0su</title><link>https://josupalacios99.github.io/blog/en/tags/ldap/</link><description>Recent content in ldap on root@j0su</description><generator>Hugo</generator><language>en-US</language><copyright>2026 root@j0su · think like the adversary</copyright><lastBuildDate>Thu, 18 Jun 2026 10:00:00 +0200</lastBuildDate><atom:link href="https://josupalacios99.github.io/blog/en/tags/ldap/index.xml" rel="self" type="application/rss+xml"/><item><title>ADWS: enumerating Active Directory through the back door</title><link>https://josupalacios99.github.io/blog/en/posts/adws-enumeracion-sigilosa-active-directory/</link><pubDate>Thu, 18 Jun 2026 10:00:00 +0200</pubDate><guid>https://josupalacios99.github.io/blog/en/posts/adws-enumeracion-sigilosa-active-directory/</guid><description>Almost all Active Directory enumeration goes through LDAP (389/636), which is precisely the most watched channel in the domain. ADWS is a side door on port 9389 that accepts the same LDAP queries but is barely monitored. How it works under the hood, why its OPSEC is so good, and why it isn&amp;rsquo;t invisible.</description></item></channel></rss>