If a computer were a human body, the Central Processing Unit, or CPU, would be its brain. The CPU is one of the most critical components in any computer, responsible for carrying out instructions and ensuring everything works together smoothly. Let’s explore what the CPU is, what it does, and how it functions in a Read More …
Tag: tmack
Hacker Video – Intro to Hacking Web Apps
Assessing the security posture of a web application is a common project for a penetration tester and a good skill for developers to know. In this talk, I’ll go over the different stages of a web application pen test, from start to finish. We’ll start with tools used during the discovery phase to utilize OSINT Read More …
RAM: The Heart of a Computer’s Memory
RAM, which stands for Random Access Memory, is a computer’s workspace—a temporary storage area where the computer processes and uses information. Let’s dive into what RAM is and why it’s essential for a computer to function. What is RAM? RAM, or Random Access Memory, is a type of computer memory that temporarily holds data and Read More …
FTP :: A Tool for Online File Management
In the digital era, the ability to share and manage files efficiently over networks is crucial. The File Transfer Protocol (FTP) is a long-standing tool that enables users to transfer files between systems on a network. This article explains what FTP is, how it works, and its relevance in today’s online world. What is FTP? Read More …
UPnP :: Its Role in Modern Online Gaming
Universal Plug and Play (UPnP) is a set of networking protocols that simplifies the process of connecting devices on a network. While its primary purpose is to streamline device discovery and communication, UPnP plays a significant role in enhancing the online gaming experience. This article delves into what UPnP is, how it works, and its Read More …
HTTP: The Foundation of the World Wide Web
The Hypertext Transfer Protocol (HTTP) is a cornerstone of the internet and the World Wide Web. It enables the seamless exchange of information between devices, making web browsing, data sharing, and online interactions possible. This article explores what HTTP is, how it works, and why it is essential for the modern internet. What is HTTP? Read More …
Quick Note :: Attribute Based Access
We then end up with two main classifications of access control: Role-Based Access Control (RBAC). Define the role for the access to data, e.g. Policy = Subject (AND/OR) Role -> Permissions. Attribute-Based Access Control (ABAC). Define attributes, e.g. Policy = User (role, nationality) AND/OR Resource (department, owner) AND/OR Action AND/OR Context (time, IP, location) -> Read More …
NOTES :: Retrieval Augmented Generation (RAG)
A solution model pattern in how to leverage large language models. Systems that use LLM but on their own content. Start Large language models can be inconsistent. Sometimes they nail the answer to questions, other times they regurgitate random facts from their training data. If they occasionally sound like they have no idea what they’re Read More …
Hacker Video – Fyodor – Nmap: Scanning The Internet – Defcon 16
Oldie but one of my favorites. The Nmap Security Scanner was built to efficiently scan large networks, but Nmap’s author Fyodor took this to a new level by scanning millions of Internet hosts as part of the World scan project. He presents the most interesting findings and empirical statistics from these scans, along with practical Read More …
Some fun AWS reads
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources
https://www.aquasec.com/blog/bucket-monopoly-breaching-aws-accounts-through-shadow-resources/
Capturing Exposed AWS Keys During Dynamic Web Application Tests
https://www.praetorian.com/blog/capturing-exposed-aws-keys-during-dynamic-web-application-tests/
AWS Network Firewall egress filtering can be easily bypassed
https://canglad.com/blog/2023/aws-network-firewall-egress-filtering-can-be-easily-bypassed/