Abdulaziz Al-Zabin
Hey, I'm 4ΣiΣ, A CyberSec guy, and this is my blog
Latest Posts
6 posts
MSNightmare that became my own Nightmare - Part 2 (RoguePlanet)
A normal user, double clicks a file, and a few seconds later a console window pops up running as NT AUTHORITY\SYSTEM. No admin prompt, no password, no kernel driver. The thing that is supposed to protect you, Windows Defender, is the getaway car.
Read more
MSNightmare that became my own Nightmare - Part 1 (GreatXML)
A full-disk encryption bypass served up with a proof of concept, public write-up, and everything needed to get security teams scrambling. The repository is called GreatXML, and while the name sounds a little self-congratulatory, it's hard to argue with it once you see what the bug is capable of.
Read more
Thoth: Scraping the Dark Web Without Trusting the Dark Web
Thoth is a dark web scraper built for cyber threat intelligence. It takes a raw analyst query, rewrites it into a compact CTI search phrase, fans it out across multiple .onion search engines over Tor, deduplicates the results, asks an LLM to rank the most relevant links, scrapes the selected pages under hard safety limits, and converts the harvested text into structured intelligence.
Read more
From Proving to Living: Redefining Success Beyond First Place
This article breaks down how outcome-addiction steals peace, joy, and connection, and offers a simple mindset shift: balanced winning. Caring deeply without desperation. Staying ambitious without burning out. Building a life you don’t have to escape from.
Read more
Exorcising T1055.001: Naming the Demon Behind DLL Injection
A practical, evidence-driven playbook to name the exact DLL behind T1055 injection by correlating Sysmon EID 8 with CAPI2 Task 82. Includes ready-to-run SPL queries.
Read more
From Chaos to Clarity: How IntelliSecure Personalizes Threat Intelligence
IntelliSecure is aproject of mine, Which is a threat intelligence platform that transforms raw cyber reports into personalized, structured insights. By combining web scraping, NLP, and LLM-powered extraction, it builds Attack Profiles enriched with IOCs, TTPs, attacker info, and tailored configuration recommendations.
Read more