IP Address Management is a system used to plan, track, and manage IP addresses generally in a larger corporate network. Key Features of IPAM Address Allocation: IPAM helps in allocating IP addresses to devices within a network. It ensures that each device has a unique IP address, preventing conflicts that can disrupt network communication. Tracking Read More …
Author: tmack
Tools – SymCrypt
SymCrypt is a core cryptographic function library developed by Microsoft. It began in late 2006, initially focusing on symmetric cryptographic operations. Since Windows 8, it has served as the primary crypto library for symmetric algorithms, and from Windows 10 version 1703, it became the main crypto library for all algorithms within Windows. Its key objectives Read More …
MCP – Model Context Protocol
The Model Context Protocol is a framework designed to enhance communication and interaction between different systems, particularly in the context of cloud computing and distributed applications. For someone new to IT, understanding the MCP can be beneficial as it addresses how data and context are shared across various platforms, improving interoperability and user experience. What Read More …
Tools – ldapsearch-ad
ldapsearch-ad is a Python3 script designed for rapid information gathering from a domain controller via its LDAP service. It’s often used immediately after acquiring valid Active Directory credentials, serving as a valuable complement to tools like BloodHound and PingCastle. The script offers flexible installation methods, either through pipx or by cloning its source code and Read More …
DNS – Domain Name System
In the world of information management, one of the fundamental concepts you’ll encounter is the Domain Name System, or DNS. Think of the domain name system as the phonebook of the internet. Just as you use a phonebook to find a person’s phone number by their name, DNS helps you find the IP address of Read More …
Tool Overview – Shimit
Shimit is a Python-based tool that facilitates the execution of the Golden SAML attack. This attack method allows an adversary to forge SAMLResponse objects, which are then used to bypass authentication and gain unauthorized access to applications relying on SAML for single sign-on. By crafting a signed SAMLResponse, attackers can impersonate any user and achieve Read More …
SSTI – Server-Side Template Injection
One vulnerability in the world of web development to be aware of is Server-Side Template Injection. This type of vulnerability can have serious implications for web applications and services, especially those that serve mobile applications. What is SSTI? Server-Side Template Injection occurs when an attacker is able to inject malicious code into a template on Read More …
Tool Overview :: DNSDumpster
DNSDumpster is a free, web-based domain research and reconnaissance tool used to discover an organization’s internet-facing assets. In information security, it is categorized as a passive reconnaissance tool, meaning it gathers information from existing public records without directly interacting with the target’s servers. For a new security professional, it serves as an essential utility for Read More …
SCP – Service Control Policies
Service Control Policies are a feature of AWS Organizations that allow administrators to manage permissions across multiple AWS accounts in a centralized manner. SCPs provide a way to define the maximum available permissions for accounts within an organization, ensuring that security and compliance requirements are met while allowing flexibility in resource management. Organizations can enforce Read More …
Tools – validin-phish-feed
The validin-phish-feed is a GitHub repository that provides a feed of phishing domains, curated by the Validin Threat Intelligence Platform. Validin is a company that specializes in internet intelligence, offering services for threat hunting, brand protection, and incident response. Their platform aggregates and analyzes vast amounts of DNS data, host responses, certificates, registration data, and Read More …