This year Zig has moved from a niche systems language to a new primary choice for high-sophistication malware in 2026. Its design as a “better C” provides the low-level control required for weaponization without the legacy baggage that makes C code prone to crashes or easy detection. Is Zig is Over passing C and Rust Read More …
Tag: windows
lsassy: An Offensive Security Tool
lsassy is an open-source tool developed by Login-Sécurité, designed specifically for offensive security practices. Available on GitHub, lsassy expertly facilitates the extraction of credential data from the memory of the Local Security Authority Subsystem Service (LSASS) process in Windows environments. Key Features Primarily, lsassy is adept at dumping credentials stored within LSASS, which is a Read More …
Active Directory Domain Services
Active Directory Domain Services (AD DS) is a critical component of Windows Server that provides a variety of directory services essential for managing and securing a network. It offers a centralized location for network administration, enabling organizations to store information about members of the domain, including users, groups, computers, and other resources. Key Features One Read More …
SMB – Server Message Block
Server Message Block (SMB) is a network file sharing protocol primarily used for providing shared access to files, printers, and serial ports over a network. Originally developed by IBM in the 1980s and later enhanced by Microsoft, SMB allows applications and users to read and write to files and request services from server programs in Read More …
ACL – Access Control List
Think of an Access Control List (ACL) as a detailed gatekeeper attached to a digital resource, like a file, folder, network port, or even a database object. This gatekeeper holds a specific list of who (users or groups) is allowed to interact with that resource and in what way (what permissions they have). Instead of Read More …
MAC – Mandatory Access Control
A Rigid Security Model Mandatory Access Control (MAC) is a security model where access to resources is determined by a central authority based on security labels assigned to both subjects (users, processes) and objects (files, resources). Unlike discretionary access control (DAC), where the owner of a resource can control who accesses it, and role-based access Read More …
ENIAD – Endpoint, Network, Identity, Application, Data
Overview of ENIAD The ENIAD framework provides a comprehensive approach to cybersecurity by focusing on five critical areas that organizations must protect to ensure a robust security posture. Each component addresses specific aspects of security, enabling organizations to detect, respond to, and mitigate threats effectively. 1. Endpoint Endpoints refer to devices that connect to the Read More …
Tools – BlackCat: Azure Security Validation
For those stepping into the dynamic field of information security, staying abreast of new tools and methodologies is crucial. One such tool gaining traction, particularly for professionals working within Microsoft Azure environments, is “BlackCat.” Developed by ‘azurekid,’ BlackCat is a PowerShell module designed to help validate and enhance the security posture of Azure deployments. What Read More …
ACE – Access Control Entries
The Building Blocks of Permissions In the realm of Identity and Access Management, controlling who can access what is paramount. While Access Control Lists (ACLs) provide the structure for managing permissions, the individual permissions themselves are defined within Access Control Entries (ACEs). Understanding ACEs is crucial for IT students to grasp the fine-grained control that Read More …
smbclient test for 445
While smbclient is primarily used for interacting with SMB shares (like listing shares or accessing files),, it can implicitly indicate if port 445 is open and accessible. If smbclient can successfully connect to an SMB share on a target system, it means port 445 is open on that system and allowing connections. How it works: When you use smbclient Read More …