How to prevent users from accessing the control panel

Lets start with policy- 

• Inherited Policy
• Explicit Policy

A policy is a set of rules, principles, or guidelines established, by an organization to regulate action , ensure consistency and achieve specific goals, Policies provide a framework for decision making and help maintain order & compilance with a system.

What is Inherited Policy ?

Inherited policy permissions are automatically passed down from a parent object (such as a folder) to its child objects (sub-folder and files). They simplify permission management by ensuring consistency across an entire directory structure. 

Characterstics -

-- Automatically propaged from parent to child objects.

-- Reduce administrative overhead by providing consistent access.

-- Can be over-hidden by explicit policy

-- Can by disable if needed.

What is Explicit policy ?

 Explicit permissions are manually set or assigned to a file, folder or object by any administrator of system owner. They take priority over inherited permissions and apply on the specific object they are set on.

Characterstics - 

-- Applied directly to a resources (file ,folder ,registry key)

-- Not affected by changes in parent object.

 How to assign a permission on a local user in local machine (standalone)?

Standard User Account (Local User) - This account is having limited permission, allows basic task like running application and changing personal settings ,This cannot install software or change system wide settings. This account is allowed for doing its daily basic task, what it is allowed for.  

-- For doing this task you must have a user with administrative rights of administrator account. 

-- Press win + r and type "mmc" (microsoft management console) windows. Click on "files" & then click on "add/remove snap-In" 

-- Then on windows search "Group policy object editor" then click on "Add".

-- In the next windows, click on Browser and go to the "user" tab.

-- Click on the user, on which you need to assign permissions.

-- Then click on "OK" and then finish.

-- Click on "OK" and return on mmc windows.

-- then assign the permission and click on the close. It ask you to save the so click on the save button.

-- Open cmd prompt and run the "gpupdate / force"

-- Logout from the administrator 

-- Login to the user account & check whether the policy works or not.

Disclaimer

How to setup workgroup domain environment in windows 

Environment - It is the set of connection in which we try to perform the task. This help our operating system to work in the surroundings and lets the user do the task. 


By default our operating system works on workgroup.

There are two members of operating system -
1) workgroup 
2) Domain 

Workgroup Enviornment?

A workgroup is a basic network model in windows basic system where computers and connected to peer peer (p2p)  network.

Used in small network (eg home, or small office) where is computer operated independently without a centralised server for management.

Key features 

1) No centralized administrator 

-- Each computer has its own user account and its security setting. 

-- User must manually create accounts on each system they need access to. 


2) Peer to Peer Networking 

-- Computer work group acts as both client and server.

-- File and printer can be shared without dedicated server. 


3) Limited to small network 

-- Suitable for 10 to 20 computers 

-- Does not well scale for large enterprises. 


4) Independent security management 

-- No centralise authentication like active directory 

-- Users must login separately on each machine 


5) Simple set up and maintenance 

-- No need for domain controller on specialised IT staff

-- Cost home networks and small business

Advantages - 

• Simplicity
• No-central server
• Flexiability
• Decentralization
• Easy sharing

Disadvantages

• Scalability Issues
• Security concern
• no central backup
• administrative overhead
• inconsitent settings

 Lets do practical -

Practical on workgroup - we are going to have 2 virutal machine over windows 10 pro OS.

Deploying of Workgroup in that state -

1. On public network (PAN-Private Area Network)
2. Sharing file in public network
3. Establishing private network (offline)
4. Sharing file in  private network

 First we can see that we have two machine like first one is "windows 10 x64" and second one is "clone windows 10 x64"

Both machine are working in work-group : 

Now we will test both machine's IP reachable to each other or not.

NOTE - windows 10 x64 - Denote as an Administrator   

NOTE - clone of windows 10 x64 - Denote as an UserA

-- ipconfig (administrator) IP is 192.168.30.129

-- ipconfig (userA) IP is 192.168.30.131

userA

If we will check administrator's IP is reachable or not - so check it for this cmd ping 192.168.30.129 in userA account But as of now not accessible or request time out.

userA

 same as it If we will check UserA's IP is reachable or not - so check it for this cmd ping 192.168.30.131 in administrator account But as of now not accessible or request time out.

adminstrator

 So why it is coming like that because of internal connectivity is blocking so for this we will fix it by run cmd > win + r > and type "firewall.cpl" and hit enter 

adminstrator

adminstrator

 now  if we will check in userA account with the help of administrator account's IP with this cmd ping 192.168.30.129

userA

Now as it as same disable the firewall in userA account 

now it is working ping request (ping 192.168.30.129) in administrator account. 

administrator

File Sharing  

For file sharing in same network we will create folder first in administrator account > go to file's properties > go to "sharing" > and click on share.. button.

Now add everyone 

 and give permission "Read/Write" 

 click on "share" button 

then check on checkbox folder > then click on permission button  

  then go to advance sharing 

 then allow all permission and check on checkbox > click OK.

 In userA account you can access via win + r run command with the help of administrator account's IP ( //192.168.30.129 ) and hit enter. 

 If you want you can setup this network at one time then whenever you want you can access it like for this > right click on network > map network drive 

then type administrator account's IP (\\192.168.30.129\file-sharing) > finish.

Now you are able to file sharing to each other in same network (but different account like first one is actual windows 10 x64 and second one is clone of windows 10 x64)

NOTE - if in case it will ask for username & password then simple you can provide   

 File Sharing in Private Network 

File sharing in a private network (like a home or office LAN) involves configuring network settings to allow discovery and sharing, then sharing specific folders with defined permissions (Read/Write),  

For this we will go first VMware administrator account' setting . 

then go to network adapter section and set custom : specific virtual network and select vmnet4 > then press OK. 

same as it as we will do in userA VMware's setting.

After completing this setting type win + r and type ncpa.cpl and press OK > then right click on Ethernet0 and go to properties.  

then uncheck the IPv6 box > then check on IP4 checkbox > then double click on IPv4  

 then click on "use the following IP address"  > then type IP like 192.168.1.2 then when click on subnet mask column it will automatically assign subnet mask < OK < OK.

 then if you will check in administrator's IP in cmd prompt (ipconfig). so as you can see here IP is 192.168.1.2

 Now as it as repeat in userA account.

  then if you will check in userA's IP in cmd prompt (ipconfig). so as you can see here IP is 192.168.1.3

Now you can ping request in each account like that below image you can see in administrator account 

Disclaimer

How to create a new user in windows 10

Lets start with types of user account in windows. Here we are write few types of windows account - 

• Administrator
• user_standard / Local / Domain / Microsoft / Network etc
• Guest 

The account we create at the time of installation is called as user with administrative rights.

Administrator Account - The account have the full control over the system, can install / uninstall software, change system setting, manage users and modify security, This account will be used by the individual to manage, monitor and troubleshoot the account.  

Standard User Account (Local User) - This account is having limited permission, allows basic task like running application and changing personal settings ,This cannot install software or change system wide settings. This account is allowed for doing its daily basic task, what it is allowed for  

Guest Account (Deprecated in newer version) - Designed for temporary access with minimal permission.

Local Account - This account which, exist on a specific computer and is not connected to a network domain. This can a administrator or standard user account we also call as a standalone user.

Domain User Account - This is account managed by a domain controller in an active directory environment. This allows users to log in from any computer within the domain using the same credentials. This is generally controlled by IT administrator for security and access management.

How to create a new user in windows 10

 -- Open Run ( windows +R)

-- on the run type "lusrmgr.msc"

-- Right Click on the "Users" > Then click on the option "new user" > After clicking one dialog box will appear where you have to fill the necessary details where you have to fill the necessary details related to user like "Full name", "user name" "Description", "password", "confirm password", you will have the list of options select accordingly" > then click on the bottom "Create"

-- Close that dialog box > logout from the administrative account > try to login with the user that you created.

Disclaimer

How to activate / enable windows administrative account ?

Lets start with types of user account in windows. Here we are write few types of windows account - 

• Administrator
• user_standard / Local / Domain / Microsoft / Network etc
• Guest 

The account we create at the time of installation is called as user with administrative rights.

Administrator Account - The account have the full control over the system, can install / uninstall software, change system setting, manage users and modify security, This account will be used by the individual to manage, monitor and troubleshoot the account.  

Standard User Account (Local User) - This account is having limited permission, allows basic task like running application and changing personal settings ,This cannot install software or change system wide settings. This account is allowed for doing its daily basic task, what it is allowed for  

Guest Account (Deprecated in newer version) - Designed for temporary access with minimal permission.

Local Account - This account which, exist on a specific computer and is not connected to a network domain. This can a administrator or standard user account we also call as a standalone user.

Domain User Account - This is account managed by a domain controller in an active directory environment. This allows users to log in from any computer within the domain using the same credentials. This is generally controlled by IT administrator for security and access management.

How to activate/enable administrator account ? 

-- Press win + r and type  "lusrmgr.msc" without quotes.

-- After open click on "users"

-- Then go to "users" > Right click on "Administrator" > Then click on the option "properties" > uncheck the box > account is disable > Click on apply > then  after "OK".

-- again right click on "Administrator" > Click on the option > set password > one dialog box will appear where you have to type password > new password > confirm password > Then click on "OK" button.

Disclaimer

NETREAPER – A Modern Offensive Security Toolkit That Simplifies Penetration Testing

Penetration testing usually involves jumping between dozens of tools, each with different commands, flags, and workflows. NETREAPER is a new offensive security toolkit created to solve this problem by bringing more than 70 essential pentesting utilities into one organized and easy-to-use command-line interface.

Instead of switching terminals, searching for syntax, or manually launching each tool, NETREAPER provides a structured, menu-driven workflow that streamlines the entire assessment process.

Why NETREAPER Stands Out

NETREAPER is designed for efficiency. It removes the usual clutter encountered during security testing and gives attackers (and defenders) a single, unified environment. Its interface offers clear menus, guided prompts, and categorized sections that make navigation fast and intuitive—even for beginners.

The toolkit integrates popular utilities from various domains such as reconnaissance, wireless attacks, exploitation, credential cracking, OSINT, and post-exploitation. Everything is neatly grouped, so a task that typically needs multiple tools can now be performed from one dashboard.

Key Capabilities of NETREAPER

1. Unified Interface

NETREAPER wraps more than 70 industry-standard security tools into a single interface, eliminating the need to memorize complex command options for each tool.

2. Organized Menu System

The toolkit separates operations into clearly defined categories, including:

• Reconnaissance
• Wireless testing
• Exploitation
• Credential attacks
• Stress testing
• OSINT/Intel gathering
• Post-exploitation
• Utility functions

This structure makes it easier to perform tasks without getting overwhelmed.

3. Recon & Network Analysis

Users can run detailed scans, DNS lookups, ARP discoveries, SSL/TLS analysis, and more through tools such as:

• Nmap
• Masscan
• Dnsenum

4. Wireless Security Assessment

NETREAPER supports a wide range of wireless attacks, including:

• WPA/WPA2 handshake capture
• Deauthentication
• Packet sniffing
• WPS exploitation
• Evil Twin AP attacks
• Tools like aircrack-ng, bettercap, and wifite are already integrated.

5. Exploitation Frameworks

It provides access to popular exploitation engines:

• Metasploit
• SQL injection frameworks
• Web vulnerability scanners
• Directory brute-forcing utilities

6. Credential Attacks

Various password-cracking and brute-force options are included through:

• Hashcat
• Hydra
• John the Ripper
• SMB/WinRM attack modules

7. Stress & Load Testing

NETREAPER can simulate network pressure through packet flooding, bandwidth testing, or HTTP load generation using tools like hping3 and iperf3.

 

8. OSINT & Intelligence Gathering

The toolkit enables reconnaissance across the public internet with utilities for:

• Passive information gathering
• Shodan-like scanning
• Traffic inspection
• Data harvesting from open sources

9. Post-Exploitation Support

It includes resources and guidance for:

• Privilege escalation
• Lateral movement
• Persistence mechanisms
• System enumeration

10. Session Management & Reporting

One of the standout features in NETREAPER is session tracking.
Users can:

• Start and pause assessments
• Resume previous sessions
• Generate structured, compliance-ready reports
• This is especially valuable for professional penetration testers.

Github Link - https://github.com/Nerds489/NETREAPER 

User Experience and Safety Features

NETREAPER prioritizes usability through guided wizards, progress indicators, helpful reminders, and optional verbose modes.

To keep operations safe and compliant, it includes:

• Input validation
• Target confirmation prompts
• Privilege escalation checks
• Logging and audit trails
• These safeguards help prevent accidental misuse.

Installation Options

Users can choose between:

Essential Install (~500MB): Fast setup with core tools

Full Arsenal (3–5GB): Complete environment with the entire toolkit

Setup usually takes between 5 to 30 minutes depending on system resources.

 

Who Benefits from NETREAPER?

• Red Teamers: Gain a centralized platform for offensive operations
• Blue Teamers: Understand attacker workflows in depth
• Students & Beginners: Learn penetration testing through guided menus
• Security Firms: Use consistent logs and reporting for audits

NETREAPER offers an efficient, organized, and user-friendly offensive security environment suitable for all skill levels.
 

Disclaimer

Step-by-Step Guide to Using Images with import.meta.url in React

Hello viewers, i am back again for you and now we will start from reactjs. So, we are ready for implemenation Best Practices for Handling Local Images in React Applications and set result. Actually we are making some project like E-commerce where we can implement react rating start.

React

import.meta.url

When building React applications, working with static assets like images is a common requirement. In this article, we’ll walk through how to efficiently import and display images using import.meta.url, which is especially useful in modern JavaScript and frameworks like Vite.

What is import.meta.url?

import.meta.url provides the absolute URL of the current module. It’s a feature introduced in ES modules to handle module-related metadata. In the context of React and tools like Vite, it’s often used for dynamically importing static assets like images.

Why Use import.meta.url for Images?

# It ensures proper resolution of local images at runtime.
# It’s ideal for bundlers like Vite, where traditional require() or relative paths might not work as expected.
# It provides a clean and scalable way to manage static assets in your project.

Step-by-Step Guide

1. Create the Image Component

We’ll create a file named Image.jsx to define our static images and use import.meta.url for dynamic URL resolution.

Image.jsx

// Image.jsx
const IMAGES = {
    image1: new URL('./google-logo.png', import.meta.url).href
};

export default IMAGES;

 

Here’s what’s happening:


# The new URL() constructor dynamically resolves the image path relative to the module using import.meta.url.
# .href provides the URL as a string for use in the src attribute of the <img> tag.



2. Create the Image Display Component

Now, we’ll create another component called GetImage.jsx to display the image.

// GetImage.jsx
import React from 'react';
import IMAGES from './images/Image';

function GetImage() {
  return (
    <div/>
      <div/>
        <img src={IMAGES.image1} alt="Google Logo" />
      </div/>
    </div/>
  );
}

export default GetImage;

 

Here’s what this does:


# The IMAGES object imported from Image.jsx provides the resolved URL of the image.
# The <img> tag uses the resolved URL from IMAGES.image1 to display the image.



3. Add the Image to Your Project


Make sure the google-logo.png image is placed in the correct folder (./images/ in this case) relative to Image.jsx.

# Benefits of This Approach

# Dynamic Resolution: Using import.meta.url ensures that paths are resolved dynamically, reducing potential errors.
# Scalability: Centralizing image URLs in one file (Image.jsx) makes it easy to manage and update images.
# Compatibility: Works seamlessly with modern bundlers like Vite.

Common Mistakes to Avoid

# Incorrect Relative Paths: Ensure the image file is located correctly relative to Image.jsx.

# Install redux and saga packages - CLICK HERE

# Make reducer wrapper - CLICK HERE

# Action in reducer - CLICK HERE

# Reducer in redux - CLICK HERE

# Switch Stmt in redux - CLICK HERE

# Get data in component from redux - CLICK HERE 

# Remove from cart - CLICK HERE 

# Add Redux Toolkit in react redux saga - CLICK HERE  

# Configure MiddleWare saga - CLICK HERE   

# Call API with Saga and Set Result in react redux saga - CLICK HERE    

# Product list ui with API data in react redux saga - CLICK HERE    

# Remove to Cart with ID react redux saga - CLICK HERE     

# Add Routing and Make Cart Page - CLICK HERE   

# Show Added To Cart Product with Price Calculation  - CLICK HERE  

Disclaimer