News : NodeJS and JavaScript security packages over sercurity areas.

Because I used NodeJS and JavaScript on web development, today I will show you some good packages for security using tree main areas of security ...

The first one:

ACLs known as Access Control Lists this use node_acl - npm package.

Will allow you to integrates with Express, also supports role-based access control known as RBAC, and stores rules in memory, Redis, or MongoDB. The main goal is to define user roles and permissions for resources.

The RBAC known as Role-Based Access Control): A security model where user permissions are assigned based on roles. Each role has specific access rights to resources, simplifying management and ensuring users only access what’s necessary for their job.

The second one:

SAML known as Security Assertion Markup Language:

This allow you to use passport-saml - npm package.

This package configure SAML strategy in Express for secure authentication.

Enables SSO by integrating with identity providers (e.g., Okta, Azure AD).

The SSO known as Single Sign-On is a system allowing users to authenticate once with an identity provider as IdP known as Identity Provider and access multiple applications without re-entering credentials, improving user experience and security.

The IdP is a system that manages user identities and authenticates users for applications.This verifies user credentials (e.g., username/password) and issues security tokens (e.g., SAML assertions) to enable single sign-on aka SSO across trusted services, like Okta or Azure AD.

The last one is audit Log known as SIEM:

SIEM known as Security Information and Event Management is a system that collects, analyzes, and correlates logs and event data from various sources (e.g., systems, applications) in real-time.

This use winston or bunyan - npm packages for logging.

The main goal is to capture system/user events and integrate with SIEM systems like Splunk via HTTP or TCP forwarding.

Store logs in JSON format for compatibility.

News : Star Citizen 2025 04 19 15 25 Argo Raft Bug - REALLY ! ?

Maybe google should use a content sorting method because there are all kinds of channels with a negative effect or that can lead you into errors... Here is an example in which artificial intelligence would be useful as well as adsense and google content management

Some people have written petitions ...

Not sure if this is a real bug !!!

Windows 10 : Microsoft Edge WebView2 - stop PID's.

The Microsoft Edge WebView2 can stop some running software if the windows not work well.

I have on this laptop an old Windows 10 with 4 Gb RAM and some services go to low and PIS's are escape from basic running ...

The broker software cannot manage the all changes and Microsoft Edge WebView2 jump even on Copilot and stop my running work.

I thin k was a intrusinon on the windows os with some bad customization ...

Because I don't have time resource for learning Windows administrartion and for my provider of this local area network is a hacker or maybe is hached ... I use artificial intelligence to stop the Microsoft Edge WebView2 PID's that is stop and jump around ...

I created on admin command com this script to solve this part of runnig ...

@echo off
echo Closing processes named msedgewebview2...
tasklist | findstr "msedgewebview2" >nul
if %errorlevel%==0 (
    taskkill /IM msedgewebview2.exe /F
    echo Processes terminated successfully.
) else (
    echo No processes found with the name msedgewebview2.
)
pause

News : Security ... understanding computer behavior ...

Welcome to Malware Development Fundamentals! This is the first part in a series where we explore common techniques, tools, and procedures (TTPs) used in the context of malware development. I will be adapting all of my blog posts on the subject of what I've learned so far in regard to this subfield of hacking, therefore, if you'd like to get a step ahead, before everyone else, consider reading more on my blog! https://crows-nest.gitbook.io ...

Normal users and developers are two categories of people who share the same hardware resource. From the point of view of information processing by the hardware resource, this can generate different behaviors on their part... I recommend this video and this youtube channel - named crow, to understand the behavior of the computer or laptop at a more complex level and it does not allow us to correctly evaluate and an appropriate action. with his requirements. Obviously, it also depends on the time resource that we want to invest for the objective that we have to fulfill as a user or developer.

News : About ImHex editor.

ImHex is a free cross-platform hex editor available on Windows, macOS, and Linux with a beautiful design.

ImHex is used by programmers and reverse engineers to view and analyze binary data.

Comes with features are a completely custom binary template and pattern language to decode and highlight structures in the data, a graphical node-based data processor to pre-process values before they're displayed, a disassembler, diffing support, bookmarks and much much more.

You can disassemble a variaty of different instruction sets. From x86 over ARM Cortex-M Thumb code to PowerPC. Many configuration options are available. Together with the integrated YARA rules parser it's a great way to analyze Malware.

Read more on the official website.