At some point, I found myself in the role of a teacher at one of the Ukrainian universities. I had never worked in this role before, and it turned out to be a great experience for many reasons. One of them is that you actually learn a lot yourself when you have to explain things to others.
UMA (User-Managed Access) 2.0 is an OAuth 2.0-based protocol that enables resource owners to control access to their protected resources. Unlike standard OAuth 2.0 where the resource owner and requesting party are typically the same, UMA introduces the ability to distinguish between:
Keycloak provides comprehensive LDAP (Lightweight Directory Access Protocol) integration through its User Federation system. This allows organizations to authenticate users against existing LDAP directories (such as Active Directory, OpenLDAP, or other LDAP-compliant servers) while leveraging Keycloak’s advanced identity management features.
Version: This documentation is based on Keycloak 26.5.2 Source: keycloak/keycloak
This document describes what a Realm is in Keycloak, its architecture, configuration options, and how it serves as the foundation for multi-tenancy.
When you log into an application protected by Keycloak, it doesn’t just verify your credentials and forget about you—it creates a network of session objects that track who you are, which applications you’ve accessed, and how long you’ve been active. Understanding these sessions is important for anyone building secure applications or troubleshooting authentication issues.
In this post I’ll show you whether a function-local static inside an inline header yields a single program-wide instance, explain how C++ and C differ, and include a small multi-file demo for GCC/Clang/MSVC.
Motivation The purpose of this document is to provide a clear, step-by-step guide for setting up and configuring a Windows development environment specifically tailored for kernel and driver development. Novice developers often face compatibility and configuration issues that make it difficult to get started. This documentation explains practical steps and provides recommendations for configuring a VM with Windows… Read More »
Intro Some time ago, I was in the role of a consultant on how to enable Device Guard in an enterprise in a step-by-step manner. That was the Windows 10 OS, and enabling Credential Guard is another layer of protection against various types of attacks that aim to steal your credentials, such as NTLM hashes, typically with tools… Read More »
One of the popular techniques is based on the usage of a pair of functions: KeStackAttachProcess attaches the current thread to the address space of the target process. This function is used by both Antiviruses and Rootkits. Also, I found some of my old screenshots of disassembled ProcessXP that also uses this approach The final snippet code could… Read More »