Shlomi Boutnaru

Ever wonder who’s actually behind that "Are you sure?" screen that pops up when you try to install something? Meet "consent.exe", the gatekeeper of your Windows administrative privileges. @boutnaru/the-windows-process-journey-consent-exe-consent-ui-for-administrative-applications-d8e6976e8e40" target="_blank" rel="nofollow noopener">medium.com/@boutnaru/the-… #WindowsInternals #Security #UAC #TechDeepDive #DFIR

Choosing between CPython and PyPy is the ultimate "compatibility vs. speed" trade-off. One is the reliable classic, the other is a JIT fueled speed demon (Until JIT will be fully supported on CPython). @boutnaru/python-cpython-vs-pypy-c2ce35e68809" target="_blank" rel="nofollow noopener">medium.com/@boutnaru/pyth… #Python #Programming #Coding #CPython #PyPy

Meet the master architect of Windows sessions: smss.exe 🏗️ From initializing environment variables to launching CSRSS and Winlogon, it’s the first user-mode process to join the party. 🔗 @boutnaru/the-windows-process-journey-smss-exe-session-manager-subsystem-bca2cf748d33" target="_blank" rel="nofollow noopener">medium.com/@boutnaru/the-… #WindowsInternals #Security #OSArchitecture #DFIR #Forensics

When the OOM Killer marks a process for death, who ensures the memory is actually reclaimed? 💀 The OOM Reaper is the Linux kernel’s hero, stepping in to harvest memory. 🔗 @boutnaru/the-linux-process-journey-oom-reaper-578bb9c6ad0c" target="_blank" rel="nofollow noopener">medium.com/@boutnaru/the-… #Linux #Kernel #DevOps #SRE #Learning

Ever had your copy-paste feature just... quit on you during an RDP session? Most of us just kill the process and pray, but do you actually know what rdpclip.exe is doing under the hood? 🔗 @boutnaru/the-windows-process-journey-rdpclip-exe-rdp-clipboard-monitor-160d36034967" target="_blank" rel="nofollow noopener">medium.com/@boutnaru/the-… #Windows #SysAdmin #Security #TechTips

Ever wondered what’s actually happening when Windows asks, "How do you want to open this file?" 📂 It’s not just a random popup, it’s the work of OpenWith.exe. 🔗 @boutnaru/the-windows-process-journey-openwith-exe-pick-an-app-7bf3a3349a38" target="_blank" rel="nofollow noopener">medium.com/@boutnaru/the-… #WindowsInternals #Security #SysAdmin #TechDeepDive

The mystery of the kworker process, finally solved🐧. It’s not a ghosts in the machine it’s just the kernel doing its chores. 🔗 @boutnaru/the-linux-process-journey-kworker-f947634da73" target="_blank" rel="nofollow noopener">medium.com/@boutnaru/the-… #Linux #Kernel #SysAdmin #OpenSource #Security #TheLinuxProcessJourney

Ever wondered what happens behind the scenes during a Windows boot? 🖥️ Check out this deep dive into wininit.exe—the critical "Windows Start-up Application" responsible for launching the Service Control Manager (SCM) and LSASS. @boutnaru/the-windows-process-journey-wininit-exe-windows-start-up-application-5581bfe6a01e" target="_blank" rel="nofollow noopener">medium.com/@boutnaru/the-… #Windows #Boot #learning

Ever wondered what actually powers your Windows login screen? 🖥️ LogonUI.exe is the heavy lifter behind the Credential Provider UI and the lock screen visuals 🔗 @boutnaru/the-windows-process-journey-logonui-exe-windows-logon-user-interface-host-4b5b8b6417cb" target="_blank" rel="nofollow noopener">medium.com/@boutnaru/the-… #WindowsInternals #Cybersecurity #LogonUI #OSArchitecture

Shamir’s Secret Sharing splits your secret into pieces so it only works when the team comes together. One share lost? No problem. One stolen? Your data is still safe. 🤫Eliminate your single point of failure: @boutnaru/the-cryptography-concept-journey-shamirs-secret-sharing-7d78dd9cf855" target="_blank" rel="nofollow noopener">medium.com/@boutnaru/the-… #Cryptography #Security #InfoSec #Tech

Ever wonder how public-key cryptography actually started? 🔓 It wasn't "RSA" or "Diffie-Hellman". It began with Merkle’s Puzzles in 1974. Dive into the elegant concept that paved the way: @boutnaru/the-cryptography-concept-journey-merkles-puzzles-bb085c67f4e0" target="_blank" rel="nofollow noopener">medium.com/@boutnaru/the-… #Cryptography #Security #TechHistory #infosecurity

Ever wondered why Linux systems count time from January 1, 1970? 🕒 Dive into the history and mechanics of #UnixTime in the "Linux Concept Journey" article. Read more here: @boutnaru/the-linux-concept-journey-unix-time-f1cdd7cd57b1" target="_blank" rel="nofollow noopener">medium.com/@boutnaru/the-… #Linux #OpenSource #TechHistory #Coding

New post in the Linux Security Journey! 🐧 Today we’re diving into Fail2ban—how it works and why it’s essential for protecting your servers against brute-force attacks Read more here: @boutnaru/the-linux-security-journey-fail2ban-10c8da33d46f" target="_blank" rel="nofollow noopener">medium.com/@boutnaru/the-… #Linux #CyberSecurity #SysAdmin #Fail2ban

Every file/directory on a Linux filesystem has an inode (index node), a critical data structure that stores metadata (permissions\owner\size\timestamps\etc.). It's how the kernel efficiently tracks and accesses data! medium.com/p/7ba47a519940 #Linux #DevOps #Filesystem #inode

Linux Namespaces create the illusion that a process has the system's resources all to itself! It's key to process isolation while sharing the same kernel. Introduced in kernel 2.4.19, its a foundation of modern container tech medium.com/p/dcee9c40fb68 #Linux #Containers #Kernel

The Wifi.etl file (%windir%\System32\LogFiles\WMI\) is an artifact of Windows' ETW. Its existence confirms a existence of a Wi-Fi card. We can extract: SSID, BSS type, encryption, and more! Remember, it's a circular log!! @boutnaru/the-windows-forensic-journey-wifi-etl-de4107b8cf7c" target="_blank" rel="nofollow noopener">medium.com/@boutnaru/the-… #DFIR #Windows #Security #ETW

Linux Keyrings are your in-kernel secret weapon for secure data storage (tokens, keys, passwords). They keep sensitive app data isolated from other processes. medium.com/p/d4ad07c091b3 #Linux #Security #Keyrings #AppDev #Development #TheLinuxSecurityJourney

Did you know tccd (Transparency, Consent, & Control) is the silent guardian managing your macOS app permissions? It stops apps from secretly accessing your Camera, Mic, and Files without approval. medium.com/p/9ac60b950bbe #macOS #Security #Apple #InformationSecurity

The Magic of kcompactd Memory pages get scattered causing fragmentation. The kcompactd kernel thread runs in the background, using page migration to consolidate free memory, providing contiguous space and better performance. medium.com/p/d550dd5579eb #Linux #Kernel #Memory

The heart of process management is the task_struct (Linux's PCB/TCB). It includes: PID, credentials, memory space, open resources and more! Familiarity with task_struct is essential for powerful tracing and debugging with tools like bpftrace. medium.com/p/829f51d97275 #Linux