SEARCH KEYWORD -- CYBER SECURITY


  All I Know About Certificates -- Clients

 Finally, in last article we’ve covered the responsibilities of CAs, showing that being a CA isn’t simple and has high management costs, explaining why issuing certificates costs money! This article we will cover the client in this chain. Verifying Certificates as a Client For clients, verifying certificates isn’t simple either. Articles introducing TLS handshakes often mention "the server sends back a certificate, and the client verifies it," but in reality, as ...

   CLIENTS,WEBSITES,SSL CERTIFICATE,CERTIFICATE AUTHORITY,CA     2024-07-26 22:24:30

  People Detection Radar [IoT] : Build a Raspberry PI Xandar Kardian IoT People Count Radar

Program Design Purpose: People detection sensors and radars are utilized in various applications across multiple fields such as security and surveillance, healthcare, building automation, smart cities, transportation and autonomous manufacturing systems. This project aims to develop a prototype IoT device for an indoor people counting using the Xandar Kardian people detection radar and a Raspberry Pi. The device will be network-ready and easily integrated with other systems. The Python-based I...

       2024-07-21 08:19:57

  Some hidden XSS injection vulnerabilities

XSS injection refers to a Web page generates some unexpected executable js codes based on user input  and these executable codes are executed by web browser,i.e, the source code sent to web browser by the server contains some illegal js codes, and these illegal js codes are related to user's input. Common XSS injection vulnerabilities can be fixed with some functions such as htmlspecialchars(escaping HTML special characters) and strip_tags() or similar, but there are some hidden XSS injecti...

   XSS,PHP,Security,Code,JavaScript     2012-08-27 20:32:08

  WireGuard VPN: Setup WG_VPN client App on Android phone and connect to local WG_VPN server on VM

We will show the detail steps about how to setup the WireGuard VPN client on an Android phone/pad and configure the VPN client to connect a WG_VPN server in local network. The setup process contents three main steps: Install WireGuard and create a key-pair in WireGuard client. Add the Android client peer information in the WireGuard server’s config file. Config the Android WireGuard client to connect to the server. The test environment network configuration:  Step 1. Install Wire...

   WIREGUARD,VPN,TUTORIAL     2020-10-24 08:46:42

  XMLHttpRequest Level 2 user guide

XMLHttpRequest is a web browser interface, it makes it possible for JavaScript doing HTTP(s) communication. Microsoft's IE5 first introduced XMLHttpRequest, because it's so useful that many other browsers also adopted this. AJAX came to the front since. However, this interface is not standardized, implementation among different browsers is different, with the emerging of HTML5, W3C is considering to standardize this interface. In February 2008, they proposed a XMLHttpRequest Level 2 draft. This ...

   XMLHttpRequest, progress, upload, binary data     2012-09-19 11:51:50

  Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb

This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work:   [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...

       2024-07-07 03:08:22

  Python and PLC Communication

This article provides detailed steps on how to use Python to communicate with Schneider M221 and Siemens S7-1200 PLCs via Ethernet. Additionally, we offer a packaged Python PLC client library, enabling you to easily build your own SCADA control programs, such as Human-Machine Interfaces (HMI). The system overview is shown below: To check the project detail please refer to Python Physical PLC Communication Clients # Created: 2024/06/29 # Version: v0.1.3 # Copyright: Copyright (c) 2024 ...

   PYTHON,PLC,COMMUNICATION     2024-06-30 02:21:17

  Ruby WinRM undefined method `split' for nil:NilClass

WinRM service is a service provided by Windows to enable remote access a Windows system. It is similar to what SSH is for *nix. And it is frequently used in applications which want to automate process or accessing remote Windows system and perform actions on them. Ruby also provided the WinRM gem which is an implementation of the WinRM service.  When using WinRM gem, one may often want to use :negotiate as the transport protocol for authentication. This transport will negotiate using d...

   RUBY,WINRM,INIT_AUTH,PROXY     2017-03-08 02:21:09

  Introduction to the Application of eBPF in Golang

Most of the time, when we develop software or even use software, we play within the safe boundaries of the operating system. We might not know how the network interface welcomes that IP packet, nor how the filesystem handles the inodes when we save a file. This boundary is called user space, which is where we write applications, libraries, and tools. But there's another world, kernel space, where the operating system's kernel resides and is responsible for managing system resources such as memor...

   EBPF,GOLANG,GUIDE,APPLICATION     2024-10-02 08:46:37

  When and Where to Use Pointers in Go

When declaring variables in Go, we usually have two syntax options: In some scenarios, pointers; in others, reference; sometimes, either. It’s great to have choices, but it is also confusing sometimes as to which one in which scenario. To be more reasonable in choice-making, I started from pointers, walked through their natures, and summarized some rules in using them in Go. from unsplash, Jordan Ladikos Pointers Go has pointers. A pointer holds the memory address of a ...

   POINTER,GOLANG     2022-05-01 02:24:43

RECENT