SEARCH KEYWORD -- psd to html


  IoT System Cyber Attack Case Study 02: Python Deserialization Attack and Library Hijacking Attack

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop that demonstrates how a red team attacker can permanently compromise a people detection radar IoT device. The attack path is achieved through a series of attacks, including traffic eavesdropping, data deserialization attacks, web shell attacks, remote command/code execution, and Python library hijacking attacks. This case study is intended for IoT and data security professional training, aiming to ill...

       2024-07-14 01:40:09

  Android Security

Android is an open source mobile platform that includes an operating system, middleware and applications. Android has revolutionized the mobile world in a big way. Android, which started as an alternative to Apple’s iOS, is now slowly eating into the market share of Apple and is of primary concern to the company. Let’s have a brief introduction about android and then look into the security concerns and vulnerabilities that need to be focused on. Android Introduction: Android was deve...

   Android security,Input validation     2013-04-16 12:19:37

  10 tools to make your shell script more powerful

Many people mistakenly think that shell scripts can only be run in command line. In fact shell can also call some GUI components such as menus,alert dialogs, progress bar etc. You can control the final output, cursor position and various output effects. Here we introduce some tools which can help you create powerful, interactive and user friendly Unix/Linux shell scripts. 1. notify-send This command can let you inform the process to send a desktop notification to users. This can be used to send ...

   shell,GUI,zenity     2013-04-05 08:50:41

  Cloud Computing’s most Basic Concepts-Service Models

With the containerization of Docker, Kubernetes, CNCF, and the development of open-source communities, related frameworks and technology is booming and iterating rapidly. Cloud Computing, been applied for many years, is pushing developers into the new technological era. Companies and developers who are not using or not planning to use Cloud-Native gradually feel tremendous pressure in keeping up with the technology trends. The first step is to understand the concepts of IaaS, PaaS, FaaS, SaaS, S...

   CLOUD,PAAS,IAAS,CONCEPT     2021-01-24 05:23:11

  Set Real-Time Clock Unit for OT/IoT Device

Configure DS1307 RTC on BeagleBone-Black Arduino or Raspberry-PI Figure-00: Project Overview Diagram , version v0.1.2 (2024) Program Design Purpose: Real-Time Clock (RTC) modules are essential for maintaining accurate timekeeping in various applications, including system clocks, data logging, and alarm systems. In scenarios where devices operate offline, such as a ship's NMEA 0183 data recorder that logs engine and rudder data, or an RTU (Remote Terminal Unit) with real time state change config...

       2024-08-18 03:09:06

  Is Java Set ordered or not?

“Is Java Set ordered or not? ” is the most popular question asked when you interview for a Java Developer position. Many fail to answer it, and I have to admit I was one of the many. I have known the answer is “Yes and No” for a long time. No. HashSet is not ordered. Yes.TreeSet is ordered. If the interviewer continues with some follow up questions, I’m not confident that I know the answer then. Why is TreeSet ordered? Are there any other ordered S...

   ORDER,SORTEDSET,HASHSET,JAVA     2021-02-11 06:55:00

  MySQL Index Merge Optimization Practices

In production environment databases, it is often seen that some SQL where conditions include: equal condition on a normal index + primary key range query + order by limit Although using a normal index would be more efficient, the system chooses to use index merge instead in some cases. This article explores such index merge situations. Index Merge Official Introduction   The Index Merge access method retrieves rows with multiple range scans and merges their results into one. Generall...

   INDEX MERGE,MYSQL,PRIMARY INDEX,SECONDARY INDEX     2024-09-10 04:52:26

  Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb

This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work:   [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...

       2024-07-07 03:08:22

  Spring – Web sockets in Java Development

Experts of java development team are sharing this article with entire java development community. The purpose behind intending this post is to explain spring – Web sockets as a concept to rest of the world. Technology: Web socket is the one of the protocol supported by web-browsers and web-servers. It provides the two-way communication between client and server. It is used in any Java application for providing the two way communication between client and server. It opens a connection betw...

   JAVA DEVELOPMENT,SPRING,JAVA TECHNOLOGY     2016-09-13 03:56:54

  SIEM Big Data Visualization [04] : Data Transmission Latency SIEM Log Analysis Dashboard

This article will introduce the Data Transmission Latency Log Analysis Dashboard developed for SIEM big data analytics. This is part of the SIEM big data visualization project, if you are interested about other dashboard plug in, you can check below links: SIEM Big Data Visualization [01] : Dashboard for Monitoring Scam Events in Critical Infrastructure SIEM Big Data Visualization [02] : Dashboard for Summarizing SG National Cyber Threats in Critical Infrastructure SIEM Big Data Visualization [...

       2024-11-03 20:49:18

RECENT