SEARCH KEYWORD -- Data security

  SQL Injection through HTTP Headers

During vulnerability assessment or penetration testing, identifying the input vectors of the target application is a primordial step. Sometimes, when dealing with Web application testing, verification routines related to SQL injection flaws discovery are restricted to the GET and POST variables as the unique inputs vectors ever. What about other HTTP header parameters? Aren’t they potential input vectors for SQL injection attacks? How can one test all these HTTP parameters and whic...

   Code security,SQL injection,HTTP header     2012-04-05 11:42:04

  WireGuard VPN: Setup WG_VPN client App on Android phone and connect to local WG_VPN server on VM

We will show the detail steps about how to setup the WireGuard VPN client on an Android phone/pad and configure the VPN client to connect a WG_VPN server in local network. The setup process contents three main steps: Install WireGuard and create a key-pair in WireGuard client. Add the Android client peer information in the WireGuard server’s config file. Config the Android WireGuard client to connect to the server. The test environment network configuration:  Step 1. Install Wire...

   WIREGUARD,VPN,TUTORIAL     2020-10-24 08:46:42

  Should All Web Traffic Be Encrypted?

The prevalence of free, open WiFi has made it rather easy for a WiFi eavesdropper to steal your identity cookie for the websites you visit while you're connected to that WiFi access point. This is something I talked about in Breaking the Web's Cookie Jar. It's difficult to fix without making major changes to the web's infrastructure. In the year since I wrote that, a number of major websites have "solved" the WiFi eavesdropping problem by either making encrypted HTTPS web traffic an accou...

   Web traffic,Security,HTTPS.Encryption,Wifi     2012-02-24 05:02:58

  PHP 7 is coming soon

After a few RCs, PHP 7 will be officially released on November 12, 2015. This is a major release of PHP since PHP 5.6. @Laruence, one of the core contributors of PHP, has posted this news on Weibo(China's Twitter).  This is a one month later than the expected time as recorded in PHP 7 timeline. But it's not that late. The new release will come with a few features including: Scalar type declaration, you can define variable like int now Return type support. Besides declare scalar type ...

   RELEASE DATE,PHP7     2015-11-08 09:13:37

  A New Billionaire’s 10 Rules for Success

Bob Parsons (below) may be best known as the man standing next to the “GoDaddy Girls,” the busty spokesmodels for his online registration company, GoDaddy.Com. Gerry Images Today, he has a new catchphrase: billionaireSource : http://blogs.wsj.com/wealth/2011/06/24/a-new-billionaires-10-rules-for-success/ The possible purchase of his company by private-equity firms Kohlberg Kravis Roberts and SilverLake Partners for more than $2 billion would make him the latest dot-com billionair...

   Programming,Billionare,Work,Hard,Dream     2011-06-27 07:40:00

  Google Chrome to support sync clipboard data among devices

Google has been working very hard to make it possible for syncing clipboard data among PC and Android devices through Chrome. This feature is finally available in Chrome Canary 79 and is going to be released in future version of Chrome although it only supports sync data from PC to Android but not vice versa. But before getting to that day, users can start to explore this feature in latest Chrome Canary version 79.  There are three flags(chrome://flags) to control enablement of the feature...

   WINDOWS 10,CHROME CANARY,CLIPBOARD,CLIPBOARD SYNC     2019-09-15 07:18:26

  Java Interview Questions

Currently there are many articles online which summarize the list of Java interview questions. Some cover lots of basic questions and some cover some specific questions in specific area such as multithreading. In this post, we will not cover the really basic questions, we will cover something different. For basic question, you can read Java Interview Questions。 Basic What is primitive data type? How many primitive data types in Java? What are they? -- A primitive type is prede...

   JAVA,SECURITY,INTERVIEW,CAREER,MULTITHREADING,QUESTION,JAVA INTERVIEW,JAVA CORE     2019-01-21 07:07:08

  XMLHttpRequest Level 2 user guide

XMLHttpRequest is a web browser interface, it makes it possible for JavaScript doing HTTP(s) communication. Microsoft's IE5 first introduced XMLHttpRequest, because it's so useful that many other browsers also adopted this. AJAX came to the front since. However, this interface is not standardized, implementation among different browsers is different, with the emerging of HTML5, W3C is considering to standardize this interface. In February 2008, they proposed a XMLHttpRequest Level 2 draft. This ...

   XMLHttpRequest, progress, upload, binary data     2012-09-19 11:51:50

  JavaScript Attack/Defend

As developers and designers we work hard to build visually attractive, fast and easy to maintain applications. Our goals are to make sure the applications we build stick to users and keep them coming back for more. Security is not always at the forefront of our minds. No one intentionally builds insecure software but often a lack of security knowledge leads developers to build vulnerabilities into their applications. In this article we are going to examine two web security attacks, how they are ...

   JavaScript,Attack,Defend,Security,Cross site     2011-10-13 13:09:11

  The hidden risk of passing slice as function parameter

In Go's source code or other open source libraries, there are lots of cases where a slice pointer is passed to function instead of slice itself. This brings up a doubt why not passing slice directly as its internal is backed by an array pointer to point to underlying data? For example, in log package, the formatHeader function takes a parameter buf as type *[]byte instead of []byte. func (l *Logger) formatHeader(buf *[]byte, t time.Time, file string, line int) {} Let's understand the r...

   GOLANG,SLICE,SLICE POINTER     2020-12-13 06:11:14

RECENT