<ul data-eligibleForWebStory="true"><li>Dissecting mainframe penetration testing techniques on z/OS, particularly focused on RACF security package.</li><li>Deep dive into RACF database structure, internal architecture, and its decision-making logic.</li><li>Developed utility racfudit, facilitates offline analysis of RACF database, provides insights for security analysis.</li><li>Exploring RACF profile relationships, user authorization flows within z/OS, and password hashing algorithms.</li><li>Detailed overview of DES and KDFAES encryption algorithms for RACF password and phrase hashes.</li></ul>

Approach to mainframe penetration testing on z/OS. Deep dive into RACF

Discover more