lsassy is an open-source tool developed by Login-Sécurité, designed specifically for offensive security practices. Available on GitHub, lsassy expertly facilitates the extraction of credential data from the memory of the Local Security Authority Subsystem Service (LSASS) process in Windows environments. Key Features Primarily, lsassy is adept at dumping credentials stored within LSASS, which is a Read More …
Author: tmack
VLR – Visitor Location Register
In the realm of mobile telecommunications, the Visitor Location Register (VLR) is an essential component that plays a crucial role in managing user information and ensuring seamless communication. Understanding the VLR can provide valuable insights into how mobile networks operate and how they keep users connected. What is the Visitor Location Register (VLR)? The VLR Read More …
Checking for PrintNightmare vulnerability
In the world of Active Directory security, running the Print Spooler service on a Domain Controller is an unforced error. We saw exactly why with ‘PrintNightmare’—a vulnerability that turned a mundane background service into a highway for ransomware and domain-wide compromise. The reality is simple: if your DC is managing print jobs, it’s also managing Read More …
Enhancing Detection and Response with Intel Owl
Intel Owl is an open-source threat intelligence framework hosted on GitHub. Its primary function is to streamline the process of integrating, sharing, and analyzing threat intelligence data. Key Features Intel Owl can aggregate data from multiple sources, including public intelligence feeds and local files. It can help organizations perform automated analysis and Read More …
MSC – Mobile Switching Center
In the world of mobile telecommunications, the Mobile Switching Center (MSC) plays a pivotal role in connecting calls and managing communication between mobile users. For those new to technology, understanding MSC is essential to grasp how mobile networks operate and facilitate seamless communication. What is the Mobile Switching Center (MSC)? MSC is a crucial component Read More …
Active Directory Domain Services
Active Directory Domain Services (AD DS) is a critical component of Windows Server that provides a variety of directory services essential for managing and securing a network. It offers a centralized location for network administration, enabling organizations to store information about members of the domain, including users, groups, computers, and other resources. Key Features One Read More …
Beginner’s Guide to the Active Directory Tier Model
The Lateral Movement Highway If you read one of the latest States of Cybercrime reports by Microsoft, one finding stands out above the rest: the leading factor in ransomware incidents is “insufficient privilege access and lateral movement controls.” Just so we are all on page 12 with each other, I am saying that Lateral Movement Read More …
NSS – Network Switching Subsystem
The Network Switching Subsystem (NSS) is a critical component of mobile communication networks, particularly in systems like GSM (Global System for Mobile Communications). It plays a vital role in managing and routing calls and data between mobile users and the broader telecommunications network. For someone new to technology, understanding the NSS involves grasping its functions, Read More …
RCE – Remote Code Execution
Ever wonder how cyber attacks like data breaches or widespread disruptions happen? Sometimes, it’s due to a serious weakness called Remote Code Execution, or RCE for short. Imagine you have a computer, and someone, without physically touching it, can open programs, delete files, or even install their own software. That’s essentially what RCE enables. It’s Read More …
CWPP – Cloud Workload Protection Platforms
A Cloud Workload Protection Platform (CWPP) is a security solution focused on defending the workloads themselves, meaning compute entities such as virtual machines (VMs), containers, and serverless functions, regardless of where they run (public cloud, private cloud, or hybrid environments). CWPP is the runtime security layer that applies controls inside the workload, protecting it from threats Read More …