SEARCH KEYWORD -- Client langua
Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb
This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work: [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...
A Baseline for Front-End Developers
I wrote a README the other day for a project that I’m hoping other developers will look at and learn from, and as I was writing it, I realized that it was the sort of thing that might have intimidated the hell out of me a couple of years ago, what with its casual mentions of Node, npm, Homebrew, git, tests, and development and production builds. Once upon a time, editing files, testing them locally (as best as we could, anyway), and then FTPing them to the server was the essential ...
Front-end,JavaScript,Baseline 2012-04-18 07:13:49
Using public key authentication in SSH
SSH is a popular cryptographic network protocol for secure network service operation. It is frequently used for remote server login. System administrators and software developers frequently use SSH to access remote servers, development servers, testing servers, etc. To log in with SSH, there are different authentication mechanisms: password, public key, interactive, etc. If a remote server needs to be accessed frequently, password authentication may be too troublesome as p...
LINUX,DEBUG,SSH,PUBLIC KEY 2016-09-10 05:55:46
Top rules you can't afford to miss while developing a Magento website
A powerful and attractive website has become a vital necessity for every online entrepreneur. Whether it's about boosting the inflow of customers or enhancing the overall profitability of your business, a good website can do all the hard work. The growing demand and popularity of Magento development services has made online merchants switch to Magento for promoting their business products and services via the internet. As a website creator, it is absolutely essential for you to consider some basic...
Magento development service, offshore Magento development, outsource Magento development, Magento de 2015-06-19 04:21:55
How Query Optimizer Works in RDBMS
In a previous post, we discussed how the various relational operators are implemented in relational database systems. If you have read that post, you probably still remember that there are a few alternative implementations for every operator. Thus, how should an RDBMS determine which algorithm (or implementation) to use? Obviously, to optimize the performance of any query, the RDBMS has to select the correct algorithm based on the query. It would not be desirable to always use the same algori...
DATABASE,DATABASE DESIGN,DATABASE OPTIMIZATION 2019-04-20 07:26:32
So you want to write JavaScript for a living?
What do you need to know if you are interviewing for a job that involves JavaScript development? What kind of expectations do employers have of candidates now that the state of client side development has been changed with the rise of asynchronous JavaScript and the often slick, supporting interfaces? These were questions I was asking myself after a friend pointed me to an interesting job posting over at Meebo that included some JavaScript puzzlers on logical operators, DOM odditi...
JavaScript,Career,Skills,Knowledge 2011-10-22 12:53:11
Circumventing browser connection limits for fun and profit
A few days ago, this video hosted by metacafe popped up on digg, explaining how to increase site download times by tweaking your browser settings to increase connection parallelism. To explain why this works, let’s step back a bit to discuss how browsers manage server connections. In building any application, developers are often required to make ‘utilitarian’ choices. Pretentiously paraphrasing Jeremy Bentham, ‘utilitarian’ describes an approach that ...
HTTP,Concurrent connection limit,Solution,AJAX 2011-12-14 13:01:02
How expensive is a MySQL query?
Database access speed is always the bottleneck of many applications. Many applications have large amounts of data to search, retrieve and display nowadays. How do we improve the performance of our applications, and how do we reduce the cost of database access? Apart from the design of the database, the quality of the query is also an important factor to take care of. But before that, we need to know how much network traffic a query will consume. Yunyang,Zhang from Nubee in Singapore did some research...
MySQL,Network traffic,Query 2013-04-09 05:13:33
SQL Injection through HTTP Headers
During vulnerability assessment or penetration testing, identifying the input vectors of the target application is an essential first step. Sometimes, when dealing with Web application testing, verification routines for SQL injection flaw discovery are restricted to the GET and POST variables, as if they were the only input vectors. What about other HTTP header parameters? Aren’t they potential input vectors for SQL injection attacks? How can one test all these HTTP parameters and whic...
Code security,SQL injection,HTTP header 2012-04-05 11:42:04
6 Promising Ways by Which You Can Enhance the App Testing Process
The mobile application industry is now exploding, with application demand higher than ever. According to the latest mobile app technology news, the integration of mobile application services with enterprise business is the main reason app development companies are booming. But with this tremendous demand, competition heats up in the market and clients are impatient to get results. The pressure of a deadline and an impatient client most times becomes a burden to the developing and QA departm...
TECHNOLOGY,MOBILE APP,APP DEVELOPMENT,APP TESTING,MOBILE APP TESTING 2017-04-17 08:02:07