registry hive in preparation for credential access and privilege elevation.
- Focus: `event.action`, `file.path`, `file.size`, `file.Ext.header_bytes`, and `process.name`.
- Implication: escalate ...
The first thing to check is common privilege escalation vectors. We can automate this using LinPEAS. Enumeration of the user reveals membership of the lxd group. The lxd (Linux Daemon) is a system ...