Server Message Block (SMB) is a network file sharing protocol primarily used for providing shared access to files, printers, and serial ports over a network. Originally developed by IBM in the 1980s and later enhanced by Microsoft, SMB allows applications and users to read and write to files and request services from server programs in Read More …
Tag: windows
ACL – Access Control List
Think of an Access Control List (ACL) as a detailed gatekeeper attached to a digital resource, like a file, folder, network port, or even a database object. This gatekeeper holds a specific list of who (users or groups) is allowed to interact with that resource and in what way (what permissions they have). Instead of Read More …
MAC – Mandatory Access Control
A Rigid Security Model Mandatory Access Control (MAC) is a security model where access to resources is determined by a central authority based on security labels assigned to both subjects (users, processes) and objects (files, resources). Unlike discretionary access control (DAC), where the owner of a resource can control who accesses it, and role-based access Read More …
ENIAD – Endpoint, Network, Identity, Application, Data
Overview of ENIAD The ENIAD framework provides a comprehensive approach to cybersecurity by focusing on five critical areas that organizations must protect to ensure a robust security posture. Each component addresses specific aspects of security, enabling organizations to detect, respond to, and mitigate threats effectively. 1. Endpoint Endpoints refer to devices that connect to the Read More …
Tools – BlackCat: Azure Security Validation
For those stepping into the dynamic field of information security, staying abreast of new tools and methodologies is crucial. One such tool gaining traction, particularly for professionals working within Microsoft Azure environments, is “BlackCat.” Developed by ‘azurekid,’ BlackCat is a PowerShell module designed to help validate and enhance the security posture of Azure deployments. What Read More …
ACE – Access Control Entries
The Building Blocks of Permissions In the realm of Identity and Access Management, controlling who can access what is paramount. While Access Control Lists (ACLs) provide the structure for managing permissions, the individual permissions themselves are defined within Access Control Entries (ACEs). Understanding ACEs is crucial for IT students to grasp the fine-grained control that Read More …
smbclient test for 445
While smbclient is primarily used for interacting with SMB shares (like listing shares or accessing files),, it can implicitly indicate if port 445 is open and accessible. If smbclient can successfully connect to an SMB share on a target system, it means port 445 is open on that system and allowing connections. How it works: When you use smbclient Read More …
Conference Video – Win32 Exploit Development With Mona and the MSF Framework
In this talk, Corelanc0d3r and Nullthreat will walk the audience through the process of writing exploits for Win32 User Land, while elaborating on the subtleties of writing effective and reliable exploits that bypass common memory protections. Using a number of example exploits, they will demonstrate how the various functions available in mona.py, the Corelan Team Read More …
Conference Video – Dirty Red Team tricks
Let’s time travel to 2003 with today’s tools and own everything. This talk takes you inside the red teams at the North East and Mid Atlantic Collegiate Cyber Defense competition events. Raphael Mudge, the developer of the Armitage Metasploit GUI, will guide you on this journey. You will learn how to automate Metasploit, nmap, and Read More …
Hacker Video – SIEGECAST: Kerberoasting & Attacks 101
Want to understand how Kerberos works? Would you like to understand modern Kerberos attacks? Tim Media walks you through how to attack Kerberos with ticket attacks and Kerberoasting. He covers the basics of Kerberos authentication and then shows you how the trust model can be exploited for persistence, pivoting, and privilege escalation. At the conclusion, Read More …