Stanford: CS 253 Web Security
A free course by Feross of JS Party. All the course materials, slides, and videos are freely available online, and they wanted to share them with the broader community in case anyone is interested in learning more about secure web programming.
The course goal is to build an understanding of the most common web attacks and their countermeasures. Given the pervasive insecurity of the modern web landscape, there is a pressing need for programmers and system designers to improve their understanding of web security issues. We’ll be covering the fundamentals as well as the state-of-the-art in web security.
How to Write a Ray Tracer Intuitively
Ray tracing is a rendering technique for generating an image by tracing the path of light as pixels in an image plane and simulating the effects of its encounters with virtual objects. This article discusses an implementation that runs on the BBC micro:bit, a pocket-sized computer transforming the world.
Reading a Postgres EXPLAIN ANALYZE Query Plan
The most powerful tool at our disposal for understanding and optimizing SQL queries is EXPLAIN ANALYZE, which is a Postgres command that accepts a statement such as SELECT …, UPDATE …, or DELETE …, executes the statement, and instead of returning the data provides a query plan detailing what approach the planner took to executing the statement provided.
Pentesting a banking FTP service
A classical penetration test requires skills to assess a large variety of weaknesses, often dealing with common bug classes. Memory corruptions are rarely exploited during penetration tests. The reasons are that they can be risky (you do not want to crash a production system) and time consuming (if you develop/adapt an exploit). It is also rather uncommon to have the opportunity to exploit a known memory corruption bug with a public script because both vendors and users tend to take their patching very seriously. Nevertheless, these kinds of weaknesses may enable attackers to gather powerful primitives, such as Remote Command Execution or secrets theft.
Solving DNS lookup failures in Kubernetes
Our journey along the Kubernetes (K8s) road continues with the story of how we diagnosed and solved random, intermittent DNS lookup failures between K8s pods and also between pods and services external to our K8s cluster.
How different are different diff algorithms in Git?
Automatic identification of the differences between two versions of a file is a common and basic task in several applications of mining code repositories.
Git has a diff utility, and users can select among diff algorithms, from the default Myers algorithm to the advanced Histogram algorithm.
Getting started with bare-metal assembly
Seeing a program you wrote running directly on the bare metal is deeply satisfying to anyone who enjoys writing software. And it turns out that creating such a program from scratch is easier than it sounds. The hardest part is figuring out where to start. In this tutorial, I’ll show you how to write, build and run the classic “Hello, World!” in pure assembly.
Code to read
the world’s first open source voice assistant.
a more-or-less complete emulation of the Atari VCS
Ruby Style Guide, with linter & automatic code fixer
Pull based, language agnostic exception aggregator for microservice environments.
Similar to Sentry, but instead of pushing exceptions to Sentry, exceptions are pre-aggregated in the client and scraped by Periskop, like Prometheus.
Distributed RTC System by pure Go and Flutter
Detect threats with log data and improve cloud security posture
Helps manage AWS Systems Manager with helpers. It has 2 sub-tools: ssm-session, to run a shell without the need to provision an SSH key, using IAM authentication instead, and ssh-run, to run a command on multiple instances (kind of like Chef or Salt).
A shell for AWS Parameter Store. The built-in UI console of AWS to manage parameter stores is awful. This tool makes it easier to navigate Parameter Store with ls, since it has a hierarchical structure.
a RESTful search API that is the ready-to-go solution for everyone wanting a powerful, fast, and relevant search experience for their end-users
an open source, low-latency, high quality voice chat software primarily intended for use while gaming
High-Speed Web-based Traffic Analysis and Flow Collection based on libpcap. Source code on GitHub
A light-weight password manager with a focus on simplicity and security
The Simplest VPN installer, designed for Raspberry Pi
a YouTube-like Video Sharing App written in Go which also supports automatic transcoding to MP4 H.265 AAC
a Linux clone of Time Machine, the backup utility for Mac from Apple. It aims to mimic it as closely as possible.
That's it for this round, have a great day! If you like this newsletter, please tell the world, or tweet about this.