SEARCH KEYWORD -- Color scheme


  IoT System Cyber Attack Case Study 02: Python Deserialization Attack and Library Hijacking Attack

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop that demonstrates how a red team attacker can permanently compromise a people detection radar IoT device. The attack path is achieved through a series of attacks, including traffic eavesdropping, data deserialization attacks, web shell attacks, remote command/code execution, and Python library hijacking attacks. This case study is intended for IoT and data security professional training, aiming to ill...

       2024-07-14 01:40:09

  Power Grid Simulation System 02 : FDI Power Outage Attack Case Study

We are excited to share that the Power Grid Simulation System we developed was used as part of one red team's targeted critical infrastructure system the international cyber exercise Crossed Swords 2024 which conducted in December 2024. In this article, we will introduce one power outage attack case study which use the Power Grid Simulation System as the demo platform for OT cyber security workshop. Project Design Purpose: This case study demonstrates using the Power Grid Simulation System as a...

       2025-01-11 07:35:45

  Ruby net-scp cannot scp multiple files with asterisk(*)

net-ssh/net-scp is a Ruby gem which can be used to scp files between different *nix machines. It's similar to how the *nix scp command. It can be used to scp a file or a directory. However, it seems it has some problem to scp multiple files using pattern *. For example, below script is supposed to download all files from remote directory to local directory: require 'net/scp' host = 'testmachine' login = 'testaccount' password = "testpassword" remote_path = '/tmp/remote...

   NET-SCP,RUBY,ASTERISK,MULTIPLE FILES     2016-10-20 03:00:13

  HeartBleed: Inside the heart, what happens to a normal WEB user?

To be brief, our email, IM, facebook etc. are at the risk, so try to minimize the access in these few days. Especially we should try to avoid log into our internet-banking, because we may expose our user id and password. Also later when the service providers fix the bug, we would better to change a new password for all the web accounts that are important to us. Here comes the technical explanation. You might notice before that a lot of websites use URL starting with "https". For example, https:/...

   HeartBleed,Analysis     2014-04-09 22:41:43

  Consistency between Redis Cache and SQL Database

Nowadays, Redis has become one of the most popular cache solution in the Internet industry. Although relational database systems (SQL) bring many awesome properties such as ACID, the performance of the database would degrade under high load in order to maintain these properties. In order to fix this problem, many companies & websites have decided to add a cache layer between the application layer (i.e., the backend code which handles the business logic) and the storage layer (i.e., the SQL d...

   REDIS,CACHE,DATABASE     2019-07-07 08:14:16

  How Query Optimizer Works in RDBMS

In a previous post, we discussed how the various relational operators are implemented in relational database systems. If you have read that post, you probably still remember that there are a few alternative implementations for every operator. Thus, how should RDBMS determine which algorithm (or implementation) to use? Obviously, to optimize the performance for any query, RDBMS has to select the correct the algorithm based on the query. It would not be desirable to always use the same algori...

   DATABASE,DATABASE DESIGN,DATABASE OPTIMIZATION     2019-04-20 07:26:32

  Embrace open source

In past few days, there are many tech news which are related to open source. For example, Microsoft enables Linux on its Windows Azure cloud, Facebook open sourced its C++ library Folly and Samsung joined Linux foundation. Now more and more big companies realize the power of open source and are willing to contribute to the open source community. It will benefit not only developers but also these big companies as well.By providing some open source libraries or projects, developer may reduce their...

   Open source,Microsoft,Samsung,Facebook,Linux     2012-06-06 05:37:59

  Frequently used Git commands

Git configuration git config --global user.name "robbin" git config --global user.email "fankai@gmail.com" git config --global color.ui true git config --global alias.co checkout git config --global alias.ci commit git config --global alias.st status git config --global alias.br branch git config --global core.editor "mate -w" # Configure Editor to use textmate git config -l #List all configurations User's git configuration file : ~/.gitconfig Frequently used Git commands Check、add...

   Git,Command     2013-03-11 19:41:06

  How does Class box get 1 million users with only 4 people?

"Class box" is an app which helps students create course plan developed by 4 Chinese. This app was created in 2012. They get over 1 million users with only 4 people. How do they make this? The co-founder of "Class box" Tianfang Li explains this on Zhihu. Here is what he said: About millions of users, in the mobile Internet era what we need to do is just find a good entry point, rapid iteration and with a little luck, a small team or even an independent developer can make millions user level prod...

   class box,team size,sillicon valley     2013-04-03 08:08:21

  9 reasons to use Zsh

Like majority *nix users, I have been using bash for many years. Sometimes I feel uncomfortable with bash. I tried use some other shells as well such as ksh, tcsh and zsh which I am going to talk about. A few days ago, I found an open source project ranking in the 6th named oh-my-zsh on Github, I downloaded it and had a try with it. It's amazing. We should use zsh to replace bash now. Why do we need to use zsh? Here is a 4 minutes YouTube video which shows many reasons why we should switch from ...

   zsh, advantage, command     2012-09-28 12:46:39

RECENT