auditing linux systems with auditd — This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/2022/12/recording_system_events_with_auditd/. Audits are critical for system administrators to detect security violations and track security-relevant information on their systems. …

Linux-PAM is a system of libraries that handle the authentication tasks of applications (services) on the system. — This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/2022/12/pluggable-authentication-modules-linux/. PAM — What and Why Authenticating a user to a service used to be a time-consuming process. The application had to be aware of all possible authentication mechanisms and had to…

Analysis of bootloader and partition table; And some fun with Master Boot Record — This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/2022/09/fun-with-mbr/. Malware has been used numerous times by attackers to destroy a computer’s Master Boot Record, rendering it inoperable. By erasing the MBR, the machine is unable…

Basics of assembly and its relation with higher level constucts — This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/2022/09/intro-to-re/. Steps to generate a binary When we write a program using a language like C, it is not C source code which really gets executed. This C code passes through many…

Task 6 for Eudyptula challenge — This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/draft/eudyptula-task-6/. This is Task 06 of the Eudyptula Challenge ------------------------------------------ Nice job with the module loading macros, those are tricky, but a very valuable skill to know about, especially when…

Story of how I examined some basic powershell malware I happened to stumble into on github. — This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/2022/08/analyzing-simple-powershell-malware/. What is a malware? Malware, a portmanteu meaning malicious software, refers to any program that was created with the specific goal of doing harm. Your digital environment is vulnerable to…

Task 3 for Eudyptula challenge — This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/2022/06/eudyptula-task-3/. This is Task 03 of the Eudyptula Challenge ------------------------------------------ Now that you have your custom kernel up and running, it's time to modify it! The tasks for this round is…

Task 4 for Eudyptula challenge — This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/2022/06/eudyptula-task-4/. This is Task 04 of the Eudyptula Challenge ------------------------------------------ Wonderful job in making it this far, I hope you have been having fun. Oh, you're getting bored, just booting…

Task 2 for Eudyptula challenge — This article was originally published at https://ayedaemon.github.io and has been reposted here via automated scripts. For better formatting, read original post here -> https://ayedaemon.github.io/post/2022/06/eudyptula-task-2/. This is Task 02 of the Eudyptula Challenge ------------------------------------------ Now that you have written your first kernel module, it's time to take off the training wheels and move on…