SEARCH KEYWORD -- API VERSION


  A simple tutorial on GoLang connecting to Clickhouse

Go, also known as Golang, is a statically-typed, concurrent programming language created by Google. ClickHouse is a high-performance, column-oriented database management system that can be used for real-time data analysis. This tutorial will provide a deep dive into how to connect to ClickHouse from a Go program, including how to perform common database operations such as SELECT and INSERT statements. Before proceeding, it is assumed that you already have Go and ClickHouse installed on your mach...

   GOLANG,CLICKHOUSE,TUTORIAL     2023-02-11 07:05:36

  Why is single threaded Redis so fast

Redis is a high-performance, in-memory key-value database. According to official test reports, it can support around 100,000 QPS (queries per second) on a single machine. However, Redis uses a single-threaded architecture in its design. Why does Redis still have such high performance with a single-threaded design? Wouldn't it be better to use multiple threads for concurrent request processing? In this article, let's explore why Redis has a single-threaded architecture and still maintains its spe...

   REDIS,SINGLE-THREADED,MULTI-THREADING     2023-02-28 05:16:22

  Power Grid OT Simulation System

Mini OT-Energy-System Cyber Security Digital Twin Figure-00: Power_Grid_OT_Simulation_System Environment Diagram, version v0.1.2 (2024) Project Design Purpose: The primary objective of this project is to develop a scaled-down Operational Technology (OT) digital twin/equivalent — an advanced software simulation system capable of emulating the functionality of an small-sized 18KW (560+MkWh/year) hybrid power grid. This system will meet the requirements for cybersecurity training, exercises...

       2024-10-13 09:00:12

  Power Grid Simulation System 02 : FDI Power Outage Attack Case Study

We are excited to share that the Power Grid Simulation System we developed was used as part of one red team's targeted critical infrastructure system the international cyber exercise Crossed Swords 2024 which conducted in December 2024. In this article, we will introduce one power outage attack case study which use the Power Grid Simulation System as the demo platform for OT cyber security workshop. Project Design Purpose: This case study demonstrates using the Power Grid Simulation System as a...

       2025-01-11 07:35:45

  Understand GoLang WaitGroup internals and how it works

Background Before getting into the main content, let me give a brief introduction to WaitGroup and its related background knowledge. Here, the focus is on the basic usage of WaitGroup and the fundamental knowledge of system semaphores. For those who are familiar with these, you can skip this section directly. WaitGroup WaitGroup is one of the most common concurrency control techniques in Golang, and its function can be roughly compared to the join() in concurrency control of other languages' mul...

   GOLANG,WAITGROUP,SOURCE CODE     2023-04-26 08:02:01

  SIEM Big Data Visualization : Dashboard for Monitoring Scam Events in Critical Infrastructure

Project Design Purpose: In a Security Information and Event Management (SIEM) system, effective monitoring and visualization of scam events is crucial to detecting and responding to cyberattacks. Cybercriminals often use deceptive methods to exploit individuals or organizations, aiming to steal sensitive information, financial assets, or disrupt operations. This project seeks to develop a web plugin dashboard to help cybersecurity researchers and managers better understand the scope and impact ...

       2024-10-05 20:47:09

  Some hidden XSS injection vulnerabilities

XSS injection refers to a Web page generates some unexpected executable js codes based on user input  and these executable codes are executed by web browser,i.e, the source code sent to web browser by the server contains some illegal js codes, and these illegal js codes are related to user's input. Common XSS injection vulnerabilities can be fixed with some functions such as htmlspecialchars(escaping HTML special characters) and strip_tags() or similar, but there are some hidden XSS injecti...

   XSS,PHP,Security,Code,JavaScript     2012-08-27 20:32:08

  LinkedIn ceases operations in China

Microsoft's social platform LinkedIn announced on Wednesday, August 9th, that it would cease its operations in China, ending its nearly decade-long presence in the Chinese market. This move signifies the departure of a major Western social media platform from China. Currently, when accessing LinkedIn's domain within China, users are redirected to a page that provides services for corporate clients. The mobile app for "LinkedIn Workplace" displays a message stating, "Unable to load data." ...

   CHINA,LINKEDIN,MICROSOFT     2023-08-09 03:28:56

  Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb

This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work:   [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...

       2024-07-07 03:08:22

  All I Know About Certificates -- Websites

In last article, we know the role of clients and their responsibilities for certificate verification. Finally, let's talk about websites. We've discussed many potential issues between CAs and clients concerning certificates, but the most frequent issue is with websites—many websites have faced this problem: certificate expiration. Websites need to ensure two things: Ensure their certificate does not expire. Protect their private key from being leaked. If someone else obtains the priv...

   CLIENTS,WEBSITES,SSL CERTIFICATE,CERTIFICATE AUTHORITY,CA     2024-07-26 22:33:29

RECENT