📚 OS Concepts — Scheduling Algorithms Compared! 🧵
How does your OS decide which app runs next? Let’s compare the 4 big ones in simple terms:
🔹 1. FIFO (First-In, First-Out)
🛒 Run in the order they arrive
😐 Simple, but if a long job comes first... everyone waits!
🔹 2. SJF (Shortest Job First)
⏳ Runs the shortest task first
✅ Great for efficiency
❌ Bad for long tasks — they may never run
🔹 3. STCF (Shortest Time to Completion First)
🧠 Smarter version of SJF — but preemptive
🔁 Always picks the job with the least time left
📈 Good response time, but needs to know job lengths!
🔹 4. Round Robin
🔄 Every task gets a turn!
🕒 Each process runs for a fixed time slice (quantum)
✅ Fair for all, great for multitasking
❌ May have overhead from frequent switching
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
How does your OS decide which app runs next? Let’s compare the 4 big ones in simple terms:
🔹 1. FIFO (First-In, First-Out)
🛒 Run in the order they arrive
😐 Simple, but if a long job comes first... everyone waits!
🔹 2. SJF (Shortest Job First)
⏳ Runs the shortest task first
✅ Great for efficiency
❌ Bad for long tasks — they may never run
🔹 3. STCF (Shortest Time to Completion First)
🧠 Smarter version of SJF — but preemptive
🔁 Always picks the job with the least time left
📈 Good response time, but needs to know job lengths!
🔹 4. Round Robin
🔄 Every task gets a turn!
🕒 Each process runs for a fixed time slice (quantum)
✅ Fair for all, great for multitasking
❌ May have overhead from frequent switching
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🎯 What Can Be Done via Syscall Hijacking?
1) Hide files, processes, or network connections
2) Escalate privileges
3) Bypass security checks
4) Intercept credentials or sensitive data
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
1) Hide files, processes, or network connections
2) Escalate privileges
3) Bypass security checks
4) Intercept credentials or sensitive data
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🧠 1. Soft Updates (SU)
🔍 What is it?
Soft Updates are a technique to maintain on-disk consistency without using journaling.
Instead of logging changes, the system orders metadata writes carefully so that the disk is always in a consistent state, even after a crash.
✅ Key Idea:
💡 If a file is deleted, don't free its blocks until the inode is updated.
💡 If a file is created, update the directory only after writing the inode.
📌 Benefit:
Faster than journaling
Reduces redundant writes
Ensures metadata correctness
❗️Downside:
Complex implementation
Doesn’t protect file data, only metadata
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🔍 What is it?
Soft Updates are a technique to maintain on-disk consistency without using journaling.
Instead of logging changes, the system orders metadata writes carefully so that the disk is always in a consistent state, even after a crash.
✅ Key Idea:
💡 If a file is deleted, don't free its blocks until the inode is updated.
💡 If a file is created, update the directory only after writing the inode.
📌 Benefit:
Faster than journaling
Reduces redundant writes
Ensures metadata correctness
❗️Downside:
Complex implementation
Doesn’t protect file data, only metadata
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🧠 What’s the Thompson Compiler Backdoor?
Ken Thompson (co-creator of Unix) showed how a compiler itself can be modified to insert a backdoor — without that backdoor appearing in any source code.
🧪 How It Works:
1️⃣ Modify the compiler to recognize when it's compiling login and inject a backdoor (e.g., accept a secret password)
2️⃣ ALSO modify the compiler to recognize when it’s compiling itself — and reinject the malicious behavior
3️⃣ Result: Even if someone recompiles the compiler from clean source, the backdoor reappears automatically!
😱 So the source code can look 100% clean… but the compiled output is still malicious.
🛑 Why It’s Scary:
Completely invisible in source audits
Infects every binary built with the backdoored compiler
Trust becomes recursive: You must trust the thing that builds the thing
🛡 Modern Relevance & Mitigations:
✅ Reproducible builds — verify binaries match the source
✅ Bootstrapping from trusted roots
✅ Open-source compiler ecosystems with verifiable toolchains
Ken’s lesson?
“You can’t trust code you did not totally create yourself.”
A timeless reminder in the age of supply chain attacks.
#CyberSecurity #CompilerBackdoor #KenThompson #TrustingTrust #SupplyChainSecurity #Backdoors #InfoSec #HackingHistory #SecureCoding #OpenSourceTrust
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
Ken Thompson (co-creator of Unix) showed how a compiler itself can be modified to insert a backdoor — without that backdoor appearing in any source code.
🧪 How It Works:
1️⃣ Modify the compiler to recognize when it's compiling login and inject a backdoor (e.g., accept a secret password)
2️⃣ ALSO modify the compiler to recognize when it’s compiling itself — and reinject the malicious behavior
3️⃣ Result: Even if someone recompiles the compiler from clean source, the backdoor reappears automatically!
😱 So the source code can look 100% clean… but the compiled output is still malicious.
🛑 Why It’s Scary:
Completely invisible in source audits
Infects every binary built with the backdoored compiler
Trust becomes recursive: You must trust the thing that builds the thing
🛡 Modern Relevance & Mitigations:
✅ Reproducible builds — verify binaries match the source
✅ Bootstrapping from trusted roots
✅ Open-source compiler ecosystems with verifiable toolchains
Ken’s lesson?
“You can’t trust code you did not totally create yourself.”
A timeless reminder in the age of supply chain attacks.
#CyberSecurity #CompilerBackdoor #KenThompson #TrustingTrust #SupplyChainSecurity #Backdoors #InfoSec #HackingHistory #SecureCoding #OpenSourceTrust
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
📚 OS Concepts — Inode vs Superblock Explained! 🧵
Ever wonder how your OS keeps track of files & the whole disk? Let’s break down inode vs superblock 👇
🔹 Inode = File Metadata
📁 One inode per file/dir
✅ Stores:
Size, owner, permissions
Timestamps
Pointers to file data blocks
❌ Does NOT store the file name!
🔹 Superblock = File System Metadata
💽 One per file system
✅ Stores:
File system type (ext4, etc.)
Total/free blocks & inodes
Block size
Mount info
🧠 Analogy:
🧾 Inode = Info about 1 document
📚 Superblock = Table of contents of the entire filing cabinet
📌 TL;DR:
Inode = per file
Superblock = per file system
#OS #Inode #Superblock #FileSystem #StorageManagement #InfoSecTube
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
Ever wonder how your OS keeps track of files & the whole disk? Let’s break down inode vs superblock 👇
🔹 Inode = File Metadata
📁 One inode per file/dir
✅ Stores:
Size, owner, permissions
Timestamps
Pointers to file data blocks
❌ Does NOT store the file name!
🔹 Superblock = File System Metadata
💽 One per file system
✅ Stores:
File system type (ext4, etc.)
Total/free blocks & inodes
Block size
Mount info
🧠 Analogy:
🧾 Inode = Info about 1 document
📚 Superblock = Table of contents of the entire filing cabinet
📌 TL;DR:
Inode = per file
Superblock = per file system
#OS #Inode #Superblock #FileSystem #StorageManagement #InfoSecTube
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
💮a NOP slide is a sequence of NOP (no-operation) instructions that is inserted at the beginning of a code section. When a program branches to the start of this code section, it will "slide" through the NOP instructions until it reaches the desired, final destination. This technique is commonly used in software exploits to direct program execution when the target of a branch instruction is not known precisely.
💉For example, suppose an attacker has found a buffer overflow vulnerability in a program and wants to exploit it to execute arbitrary code. They might insert a NOP slide at the start of the buffer, followed by the code they want to execute. When the program overflows the buffer and branches to the start of the buffer, it will slide through the NOP instructions until it reaches the attacker's code, which will then be executed.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
💉For example, suppose an attacker has found a buffer overflow vulnerability in a program and wants to exploit it to execute arbitrary code. They might insert a NOP slide at the start of the buffer, followed by the code they want to execute. When the program overflows the buffer and branches to the start of the buffer, it will slide through the NOP instructions until it reaches the attacker's code, which will then be executed.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🦚S/MIME stands for Secure/Multipurpose Internet Mail Extensions. It is a widely adopted email encryption and digital signing standard used primarily in corporate and government environments.
📧 What Does S/MIME Do?
S/MIME provides two main security features for email:
🔐 Encryption – Ensures that only the intended recipient can read the message
✍️ Digital Signature – Verifies the identity of the sender and ensures message integrity
🧠 How S/MIME Works
S/MIME uses X.509 digital certificates and public key cryptography:
You have a public-private key pair
Your S/MIME certificate includes your public key, issued by a trusted Certificate Authority (CA)
✅ Sending a Signed Email:
You sign the email with your private key
The recipient verifies the signature using your public key from your S/MIME certificate
✅ Sending an Encrypted Email:
You encrypt the message using the recipient’s public key
Only the recipient can decrypt it using their private key
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
📧 What Does S/MIME Do?
S/MIME provides two main security features for email:
🔐 Encryption – Ensures that only the intended recipient can read the message
✍️ Digital Signature – Verifies the identity of the sender and ensures message integrity
🧠 How S/MIME Works
S/MIME uses X.509 digital certificates and public key cryptography:
You have a public-private key pair
Your S/MIME certificate includes your public key, issued by a trusted Certificate Authority (CA)
✅ Sending a Signed Email:
You sign the email with your private key
The recipient verifies the signature using your public key from your S/MIME certificate
✅ Sending an Encrypted Email:
You encrypt the message using the recipient’s public key
Only the recipient can decrypt it using their private key
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🔴 تکنیکهای پیشرفته کشسازی در معماری سیستمها
🔸 افزایش سرعت دسترسی به دادهها، در بسیاری از سیستمها به کمک حافظه کش (Cache) امکانپذیر شده است. اما پیادهسازی دقیق و مؤثر کش، به دانش تخصصیتری نیاز دارد.
🔹 کش میتواند در لایههای مختلفی مثل CPU، دیسک، شبکه یا حتی سمت سرورهای API پیادهسازی شود. برای مثال، در طراحی وبسرویسها، استفاده از Redis یا Memcached به عنوان حافظه کش خارجی، بار روی دیتابیس را کاهش داده و سرعت پاسخ را افزایش میدهد. الگوهایی مانند Cache-aside، Write-through و Write-back برای مدیریت دادههای کش بسیار مهم هستند. همچنین، تعیین زمان انقضا (TTL) و invalidate کردن کش هنگام تغییر دادهها، از چالشهای اصلی محسوب میشود.
⭕️ درک عمیق از معماری کش، یکی از ارکان طراحی سیستمهای مقیاسپذیر و پرسرعت است.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🔸 افزایش سرعت دسترسی به دادهها، در بسیاری از سیستمها به کمک حافظه کش (Cache) امکانپذیر شده است. اما پیادهسازی دقیق و مؤثر کش، به دانش تخصصیتری نیاز دارد.
🔹 کش میتواند در لایههای مختلفی مثل CPU، دیسک، شبکه یا حتی سمت سرورهای API پیادهسازی شود. برای مثال، در طراحی وبسرویسها، استفاده از Redis یا Memcached به عنوان حافظه کش خارجی، بار روی دیتابیس را کاهش داده و سرعت پاسخ را افزایش میدهد. الگوهایی مانند Cache-aside، Write-through و Write-back برای مدیریت دادههای کش بسیار مهم هستند. همچنین، تعیین زمان انقضا (TTL) و invalidate کردن کش هنگام تغییر دادهها، از چالشهای اصلی محسوب میشود.
⭕️ درک عمیق از معماری کش، یکی از ارکان طراحی سیستمهای مقیاسپذیر و پرسرعت است.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🧟 Zombie State
After a process exits, it can stay in a zombie state until its parent "waits" for it.
Purpose: Let parent check exit status.
Once parent collects status, the OS can clean up.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
After a process exits, it can stay in a zombie state until its parent "waits" for it.
Purpose: Let parent check exit status.
Once parent collects status, the OS can clean up.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🐞In source code, the term "lexed" refers to the process of converting the code's raw text into a stream of tokens. This is a fundamental step in compilation or interpretation, done by a program called a lexer or scanner. Lexing breaks down the source code into meaningful units, like keywords, identifiers, operators, and literals, which are then used by the parser to understand the code's structure.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🦚IPSec, or Internet Protocol Security, is a set of protocols used to secure communication over IP networks. It works by encrypting and authenticating IP packets to ensure confidentiality, integrity, and source authentication of data. IPSec is commonly used in virtual private networks (VPNs) to create secure tunnels for data transmission.
Two Modes:
IPSec has two primary modes of operation:
Transport Mode: Encrypts and authenticates only the IP payload (the actual data), leaving the IP header untouched.
Tunnel Mode: Encrypts and authenticates the entire IP packet, including the header, creating a secure tunnel.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
Two Modes:
IPSec has two primary modes of operation:
Transport Mode: Encrypts and authenticates only the IP payload (the actual data), leaving the IP header untouched.
Tunnel Mode: Encrypts and authenticates the entire IP packet, including the header, creating a secure tunnel.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
⚓️DKOM stands for Direct Kernel Object Manipulation. It's a technique used by kernel-mode rootkits to hide their presence and subvert system operations by directly modifying the operating system's kernel data structures.
Specifically, a rootkit can use DKOM to hide processes, intercept system calls, or modify the gates between user mode and kernel mode. By altering these fundamental components, the rootkit can effectively cloak itself from detection and maintain persistent control over the system.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
Specifically, a rootkit can use DKOM to hide processes, intercept system calls, or modify the gates between user mode and kernel mode. By altering these fundamental components, the rootkit can effectively cloak itself from detection and maintain persistent control over the system.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
📚 OS Concepts — What is a Bitmap in File Systems? 💾🧵
Let’s break down how operating systems track free space using one of the simplest tools: the bitmap!
🔸 What is a Bitmap?
A 0/1 vector where:
0 = block is free
1 = block is used
Each bit = 1 disk block
🔹 How it’s used in file creation:
You create a file 📝
OS checks bitmap for free bits 0 0
Allocates those blocks → updates bits to 1
🧠 Analogy:
Hotel rooms = disk blocks
Receptionist’s checklist ✅❌ = bitmap
Guest = your file
Reception assigns free rooms → marks as taken ✅
📌 Why it rocks:
Fast, simple, efficient
Easy to update
Visual & compact
#OS #Bitmap #FileSystem #DiskAllocation #StorageManagement #InfoSecTube
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
Let’s break down how operating systems track free space using one of the simplest tools: the bitmap!
🔸 What is a Bitmap?
A 0/1 vector where:
0 = block is free
1 = block is used
Each bit = 1 disk block
🔹 How it’s used in file creation:
You create a file 📝
OS checks bitmap for free bits 0 0
Allocates those blocks → updates bits to 1
🧠 Analogy:
Hotel rooms = disk blocks
Receptionist’s checklist ✅❌ = bitmap
Guest = your file
Reception assigns free rooms → marks as taken ✅
📌 Why it rocks:
Fast, simple, efficient
Easy to update
Visual & compact
#OS #Bitmap #FileSystem #DiskAllocation #StorageManagement #InfoSecTube
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🌐 What Is an FQDN?
An FQDN is the complete domain name of a specific computer, host, or service on the internet (or a private network). It uniquely identifies a device by including all levels of the domain name hierarchy, from the hostname to the top-level domain (TLD).
🧱 FQDN Structure
✅ Example:
www.example.com.
www = hostname
example = domain
com = top-level domain (TLD)
The trailing dot (.) is optional in most uses—it marks the root of the DNS system.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
An FQDN is the complete domain name of a specific computer, host, or service on the internet (or a private network). It uniquely identifies a device by including all levels of the domain name hierarchy, from the hostname to the top-level domain (TLD).
🧱 FQDN Structure
<hostname>.<domain>.<top-level domain>
✅ Example:
www.example.com.
www = hostname
example = domain
com = top-level domain (TLD)
The trailing dot (.) is optional in most uses—it marks the root of the DNS system.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🔴 سامانههای Low-Code؛ انقلاب در توسعه نرمافزار
🔸 در دنیای توسعه نرمافزار، سرعت و سادگی به اولویت تبدیل شدهاند. سامانههای Low-Code با حذف پیچیدگی کدنویسی سنتی، این امکان را به توسعهدهندگان و حتی افراد غیر فنی میدهند تا نرمافزارهایی قابل اجرا طراحی کنند.
🔹 پلتفرمهای Low-Code مانند OutSystems، Mendix و Microsoft PowerApps، ابزارهایی گرافیکی با قابلیت Drag-and-Drop برای ساخت سریع اپلیکیشنها ارائه میدهند. این فناوری بهخصوص در سازمانهایی که نیاز به توسعه سریع و تغییرات مداوم دارند، محبوبیت پیدا کرده است. با این حال، برای پروژههای پیچیده همچنان نیاز به توسعهدهندگان حرفهای باقی میماند تا منطقهای پیچیده تجاری یا نیازهای امنیتی پیشرفته را پیادهسازی کنند.
⭕️ فناوری Low-Code در مسیر دموکراتیزهسازی توسعه نرمافزار گام بزرگی برداشته است.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🔸 در دنیای توسعه نرمافزار، سرعت و سادگی به اولویت تبدیل شدهاند. سامانههای Low-Code با حذف پیچیدگی کدنویسی سنتی، این امکان را به توسعهدهندگان و حتی افراد غیر فنی میدهند تا نرمافزارهایی قابل اجرا طراحی کنند.
🔹 پلتفرمهای Low-Code مانند OutSystems، Mendix و Microsoft PowerApps، ابزارهایی گرافیکی با قابلیت Drag-and-Drop برای ساخت سریع اپلیکیشنها ارائه میدهند. این فناوری بهخصوص در سازمانهایی که نیاز به توسعه سریع و تغییرات مداوم دارند، محبوبیت پیدا کرده است. با این حال، برای پروژههای پیچیده همچنان نیاز به توسعهدهندگان حرفهای باقی میماند تا منطقهای پیچیده تجاری یا نیازهای امنیتی پیشرفته را پیادهسازی کنند.
⭕️ فناوری Low-Code در مسیر دموکراتیزهسازی توسعه نرمافزار گام بزرگی برداشته است.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🧭 Why Use Threads?
✅ 1. Parallelism
Split CPU-intensive tasks (e.g., processing large arrays) across multiple cores
✅ 2. Avoid Blocking
While one thread waits for I/O (e.g., disk or network), others can keep working
🧠 Threads allow better resource utilization, especially on multi-core systems or I/O-heavy apps.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
✅ 1. Parallelism
Split CPU-intensive tasks (e.g., processing large arrays) across multiple cores
✅ 2. Avoid Blocking
While one thread waits for I/O (e.g., disk or network), others can keep working
🧠 Threads allow better resource utilization, especially on multi-core systems or I/O-heavy apps.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🕸Fundamental Goals of Computer Security
Confidentiality: Protect data from unauthorized access.
Integrity: Ensure data/software/hardware is unaltered by unauthorized parties.
Authorization: Limit access to approved entities.
Availability: Ensure resources are accessible to authorized users.
Authentication: Confirm identity of entities and data sources.
Accountability: Track and link actions to responsible entities.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
Confidentiality: Protect data from unauthorized access.
Integrity: Ensure data/software/hardware is unaltered by unauthorized parties.
Authorization: Limit access to approved entities.
Availability: Ensure resources are accessible to authorized users.
Authentication: Confirm identity of entities and data sources.
Accountability: Track and link actions to responsible entities.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
❤1👍1
Q: Why is return-to-libc considered a stealthier exploitation method compared to traditional shellcode injection?
A:Return-to-libc exploits use legitimate library functions (e.g., system()) already present in memory, bypassing restrictions like non-executable stack protections and avoiding direct code injection. This makes detection harder and evades many signature-based defenses.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
A:
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🔴 رایانش ناهمگن (Heterogeneous Computing)؛ ترکیب CPU، GPU و FPGA برای پردازشهای پیشرفته
🔸 در پردازشهای مدرن، استفاده از یک نوع پردازنده دیگر کافی نیست. رایانش ناهمگن (Heterogeneous Computing) به ترکیب واحدهای پردازشی مختلف مانند CPU، GPU و FPGA در یک سیستم برای افزایش کارایی و بهرهوری اشاره دارد. این فناوری در هوش مصنوعی، تحلیل دادههای عظیم و پردازشهای علمی نقش حیاتی ایفا میکند.
🔹به طور کلی CPUها برای اجرای وظایف عمومی مناسب هستند، اما برای پردازشهای گرافیکی و موازی، GPUها عملکرد بهتری دارند. FPGAها نیز قابلیت سفارشیسازی سختافزاری را ارائه میدهند و میتوانند برای محاسبات خاص بهینه شوند. معماریهای جدید مانند CUDA برای GPU و OpenCL برای ترکیب CPU و GPU، امکان توسعهی اپلیکیشنهایی با بهرهوری بالا را فراهم کردهاند. شرکتهایی مانند NVIDIA، AMD و Intel در حال توسعهی راهکارهای پردازش ناهمگن برای کاربردهای پیشرفته هستند.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🔸 در پردازشهای مدرن، استفاده از یک نوع پردازنده دیگر کافی نیست. رایانش ناهمگن (Heterogeneous Computing) به ترکیب واحدهای پردازشی مختلف مانند CPU، GPU و FPGA در یک سیستم برای افزایش کارایی و بهرهوری اشاره دارد. این فناوری در هوش مصنوعی، تحلیل دادههای عظیم و پردازشهای علمی نقش حیاتی ایفا میکند.
🔹به طور کلی CPUها برای اجرای وظایف عمومی مناسب هستند، اما برای پردازشهای گرافیکی و موازی، GPUها عملکرد بهتری دارند. FPGAها نیز قابلیت سفارشیسازی سختافزاری را ارائه میدهند و میتوانند برای محاسبات خاص بهینه شوند. معماریهای جدید مانند CUDA برای GPU و OpenCL برای ترکیب CPU و GPU، امکان توسعهی اپلیکیشنهایی با بهرهوری بالا را فراهم کردهاند. شرکتهایی مانند NVIDIA، AMD و Intel در حال توسعهی راهکارهای پردازش ناهمگن برای کاربردهای پیشرفته هستند.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
Hooking in malware refers to the technique of intercepting or modifying the normal flow of execution of a program or system function. Malware uses hooking to observe, manipulate, or hide activities by redirecting or altering function calls.
🔍 What Exactly Is Hooking?
Hooking means inserting custom code (a "hook") into existing code so that the attacker can:
Run their own code before or after a legitimate function
Modify arguments or return values
Suppress or replace the execution of the real function
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🔍 What Exactly Is Hooking?
Hooking means inserting custom code (a "hook") into existing code so that the attacker can:
Run their own code before or after a legitimate function
Modify arguments or return values
Suppress or replace the execution of the real function
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
🔰In Public Key Infrastructure (PKI), Trust on First Use (TOFU) means a client trusts a server's identity upon its first connection, without verifying its authenticity. Check on First Use, on the other hand, implies a client verifies the server's identity on the first connection, ensuring it's legitimate before trusting it.
Example:
SSH often uses TOFU for initial authentication, where the client accepts the server's public key on the first connection.
Example:
HTTPS uses Check on First Use, verifying the server's certificate against a trusted root CA during the initial handshake.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
Example:
SSH often uses TOFU for initial authentication, where the client accepts the server's public key on the first connection.
Example:
HTTPS uses Check on First Use, verifying the server's certificate against a trusted root CA during the initial handshake.
🎯@InfoSecTube
📌YouTube channel
🎁Boost Us
❤1