In the digital era, the ability to share and manage files efficiently over networks is crucial. The File Transfer Protocol (FTP) is a long-standing tool that enables users to transfer files between systems on a network. This article explains what FTP is, how it works, and its relevance in today’s online world. What is FTP? Read More …
Category: Learn IT
This is all of the posts dedicated to sharing the IT knowledge I have accumulated through the years and through all of the positions, companies, and projects. As I say, I am not the sharpest tool in the shed, but my shed and tool collection is a lot larger than the average bear, Boo Boo.
UPnP – Its Role in Modern Online Gaming
Universal Plug and Play (UPnP) is a set of networking protocols that simplifies the process of connecting devices on a network. While its primary purpose is to streamline device discovery and communication, UPnP plays a significant role in enhancing the online gaming experience. This article delves into what UPnP is, how it works, and its Read More …
HTTP: The Foundation of the World Wide Web
The Hypertext Transfer Protocol (HTTP) is a cornerstone of the internet and the World Wide Web. It enables the seamless exchange of information between devices, making web browsing, data sharing, and online interactions possible. This article explores what HTTP is, how it works, and why it is essential for the modern internet. What is HTTP? Read More …
Quick Note :: Attribute Based Access
We then end up with two main classifications of access control: Role-Based Access Control (RBAC). Define the role for the access to data, eg Policy = Subject (AND/OR) Role –> Permissions. Attribute-Based Access Control (ABCL). Define attributes eg Policy = User (role, nationality) AND/OR Resource (department, owner) AND/OR Action AND/OR Context (time, IP, location) -> Read More …
NOTES :: Retrieval Augmented Generation (RAG)
A solution model pattern in how to leverage large language models. Systems that use LLM but on their own content. Start Large language models can be inconsistent. Sometimes they nail the answer to questions, other times they regurgitate random facts from their training data. If they occasionally sound like they have no idea what they’re Read More …
powershell code – Find computers
To find a single machine and the date it last logged on Get-ADComputer -identity SRV-DB01 -Properties * | FT Name, LastLogonDate -Autosize Find all the machines Get-ADComputer -Filter * -Properties * | FT Name, LastLogonDate -Autosize
NOTES :: Purdue Model
The Purdue Model The Purdue model is generally accepted as the standard for building an industrial control system (ICS) network architecture in a way that supports OT security, separating the layers of the network to maintain a hierarchical flow of data between them, and as such, reflects the baseline architecture requirements for many industrial control Read More …
EDRKillShifter
“EDRKillShifter” is a type of malware specifically designed to disable Endpoint Detection and Response (EDR) security software on a system, allowing attackers to carry out malicious activities like deploying ransomware without detection; it is considered a sophisticated tool often used by cybercriminals to evade security measures. Key points about EDRKillShifter: Function: Its primary purpose is Read More …
How to change user agent in nmap
NMAP How to change user agent You can find the default value in /usr/share/nmap/nselib/http.lua (At the beginning of the file, a couple of lines after the comments) local USER_AGENT = stdnse.get_script_args(‘http.useragent’) or “Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)” You can change the value with this line local USER_AGENT = stdnse.get_script_args(‘http.useragent’) or “Mozilla/5.0 (compatible; MSIE 9.0; Read More …
AWS Notes – AWS Pentesting
An Opinionated Ramp Up Guide to AWS Pentesting https://awssecuritydigest.com/articles/opinionated-ramp-up-guide-to-aws-pentesting https://medium.com/@MorattiSec/my-aws-pentest-methodology-14c333b7fb58 Understanding the Shared Responsibility Model https://www.wiz.io/academy/shared-responsibility-model fwd:cloudsec https://fwdcloudsec.org/ AWS Customer Support Policy for Penetration Testing https://aws.amazon.com/security/penetration-testing/ Also, read this and follow the AWS pentesting rules. Cloud Tests One is a review of the external facing posture, which you can consider adjacent to a traditional External Read More …