SEARCH KEYWORD -- Class


  When no need 3 handshakes in TCP?

Overview In the previous article titled Why TCP needs 3 handshakes simple answers were provided to the following three questions: Can application data be carried during the first handshake? Can application data be carried during the second handshake? Can application data be carried during the third handshake? Briefly, traditional TCP requires a three-way handshake to establish a connection, and during these three handshakes, only simple SYN and ACK packets are sent. From the perspective o...

   REASON,NETWORK,TCP,EXPLANATION     2024-09-29 03:19:35

  Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb

This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work:   [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...

       2024-07-07 03:08:22

  Go Lacks Ternary Operators. Here Are Some Equivalents

If you were like me, a pure Java developer before writing Go, you must be wondering why Go doesn’t support the ternary operator like return a > 1 ? 0 : 1. Most mainstream languages like C and Java are supportive of ternary operators; languages like Python and Ruby support the simplified if-else one-liner, such as a = 0 if a > 1. However, Go is not among them. And it is not only about adding operators but also a concept of coding in a more convenient way, such as the ?: expression can...

   GOLANG,TERNARY OPERATOR     2022-12-09 19:51:32

  Web Security: In-Depth Explanation of X-XSS-Protection

What is X-XSS-Protection X-XSS-Protection is an HTTP response header designed to enable or configure built-in cross-site scripting (XSS) filters in certain versions of Internet Explorer, Chrome, and Safari. The purpose of these filters is to detect reflected XSS attacks in the response and prevent the loading of pages, thereby protecting users from such attacks. The X-XSS-Protection response header was initially introduced by Microsoft in Internet Explorer 8 to control the browser's XSS filter. ...

   X-XSS-PROTECTION,WEB SECURITY,CONTENT SECURITY POLICY,XSS,CSP     2023-11-29 01:48:40

  JShell -- The command line tool to run Java code in Java 9

Java 9 is currently a work-in-progress and is planned to be GAed in March 2017. Quite a few new features will be introduced in the new release. The coolest feature is project Jigsaw which is to modularize the Java packages so that a customized JDK can be built and shipped with only the necessary modules to fulfill their project requirement. Apart from this feature, another big new feature is project Kulla -- JShell. In simple, JShell is a command line tool which can be used to run...

   JAVA 9,JSHELL,KULLA     2016-04-01 21:46:48

  Carriage return and line feed

In programming and document editing, we may frequently encounter carriage return and line feed, i.e the well known CRLF.  But do you know about the history and difference of carriage return and line feed? Before computer came out, there was a type of teleprinter called Teletype Model 33. It can print 10 characters each second. But there is one problem with this, after finishing printing each line, it will take 0.2 second to move to next line, which is time of printing 2 characters. If a new...

   CR,CARRIAGE RETURN,LINE FEED,LF,NEW LINE,CRLF     2017-02-19 08:29:23

  C++, Ruby and CoffeeScript complexity comparison

There are many programming languages around the world, they all designed to help programmer solve some problems, finish some tasks. These languages are often divided into different types, there are structural, object-oriented, functional, scripting languages etc. Some are easy to pick up such as Java, while some are thought to be difficult to learn such as C++. So how do we understand complexities of different programming languages?Many people agree that C++ is very complex languages, it has poi...

   Complexity, languages, C++,Ruby,CoffeeScript     2012-06-12 04:46:01

  Set up Superset on ubuntu 16.04 LTS

Apache Superset (incubating) is a modern, enterprise-ready business intelligence web application. Compared with business-focused BI tool like Tableau, superset is more technology-navy. It supports more types of visualization and able to work in distributed manner to boost the query performance. Most importantly, it is free of charge! An example dashboard: Let’s go and set it up. Create a virtualenv Assume Anaconda is installed for python management. # create a virtualenv with python 3.6 co...

   TUTORIAL,UBUNTU,SUPERSET     2019-10-19 21:34:55

  SQLite C/C++ function interfaces

Some simple introduction to the SQLite function interfaces. First let's check some error codes defined in SQLite3 (They are in SQLite3.h file in the SQLite installation).#define SQLITE_OK           0   /* Successful result */  /* beginning-of-error-codes */  #define SQLITE_ERROR        1   /* SQL error or missing database */  #define SQLITE_INTERNAL     2&nb...

   SQLite,Function interface,C/C++     2012-07-04 12:23:43

  Eight C++ programming mistakes the compiler won’t catch

C++ is a complex language, full of subtle traps for the unwary. There is an almost infinite number of ways to screw things up. Fortunately, modern compilers are pretty good at detecting a large number of these cases and notifying the programmer via compile errors or warnings. Ultimately, any error that is compiler-detectable becomes a non-issue if properly handled, as it will be caught and fixed before the program leaves development. At worst, a compiler-detectable error results in los...

   C++,Compiler,Error detection     2012-04-08 09:55:20

RECENT