Abdulaziz Al-Zabin

Abdulaziz Al-Zabin

CyberSecurity Enthusiast

Hey, I'm 4ΣiΣ, A CyberSec guy, and this is my blog

Latest Posts

6 posts
MSNightmare that became my own Nightmare - Part 2 (RoguePlanet)
CyberSecurity

MSNightmare that became my own Nightmare - Part 2 (RoguePlanet)

A normal user, double clicks a file, and a few seconds later a console window pops up running as NT AUTHORITY\SYSTEM. No admin prompt, no password, no kernel driver. The thing that is supposed to protect you, Windows Defender, is the getaway car.

Jun 17, 2026
#Open Source#CTI+1
Read more
MSNightmare that became my own Nightmare - Part 1 (GreatXML)
CyberSecurity

MSNightmare that became my own Nightmare - Part 1 (GreatXML)

A full-disk encryption bypass served up with a proof of concept, public write-up, and everything needed to get security teams scrambling. The repository is called GreatXML, and while the name sounds a little self-congratulatory, it's hard to argue with it once you see what the bug is capable of.

Jun 12, 2026
#CyberSec#SOC+2
Read more
Thoth: Scraping the Dark Web Without Trusting the Dark Web
CyberSecurity

Thoth: Scraping the Dark Web Without Trusting the Dark Web

Thoth is a dark web scraper built for cyber threat intelligence. It takes a raw analyst query, rewrites it into a compact CTI search phrase, fans it out across multiple .onion search engines over Tor, deduplicates the results, asks an LLM to rank the most relevant links, scrapes the selected pages under hard safety limits, and converts the harvested text into structured intelligence.

Jun 10, 2026
#CTI#Darkweb+1
Read more
From Proving to Living: Redefining Success Beyond First Place
Life

From Proving to Living: Redefining Success Beyond First Place

This article breaks down how outcome-addiction steals peace, joy, and connection, and offers a simple mindset shift: balanced winning. Caring deeply without desperation. Staying ambitious without burning out. Building a life you don’t have to escape from.

Jan 27, 2026
#IDK
Read more
Exorcising T1055.001: Naming the Demon Behind DLL Injection
CyberSecurity

Exorcising T1055.001: Naming the Demon Behind DLL Injection

A practical, evidence-driven playbook to name the exact DLL behind T1055 injection by correlating Sysmon EID 8 with CAPI2 Task 82. Includes ready-to-run SPL queries.

Oct 4, 2025
#SOC#CyberSec+1
Read more
From Chaos to Clarity: How IntelliSecure Personalizes Threat Intelligence
CyberSecurity

From Chaos to Clarity: How IntelliSecure Personalizes Threat Intelligence

IntelliSecure is aproject of mine, Which is a threat intelligence platform that transforms raw cyber reports into personalized, structured insights. By combining web scraping, NLP, and LLM-powered extraction, it builds Attack Profiles enriched with IOCs, TTPs, attacker info, and tailored configuration recommendations.

Sep 4, 2025
#Open Source#CTI+4
Read more