SEARCH KEYWORD -- ENVIRONMENT

  Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb

This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work:   [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...

       2024-07-07 03:08:22

  Static Code Analysis

The most important thing I have done as a programmer in recent years is to aggressively pursue static code analysis.  Even more valuable than the hundreds of serious bugs I have prevented with it is the change in mindset about the way I view software reliability and code quality.It is important to say right up front that quality isn’t everything, and acknowledging it isn’t some sort of moral failing.  Value is what you are trying to produce, and quality is only one a...

   Static code,Analysis,Quality,Microsoft 360,Value     2011-12-24 06:50:18

  About browser event

First look at following codes: var $ = KISSY.all; $(‘a’).on(‘click’,function(e){ doSomeThing();//This function seems very famous e.halt(); }); The above codes seem complete the work we want them. The browser will not redirect us to the link in href, but is there some issue with the codes above? Before explaining what's wrong with the above codes, we first need to understand some concepts. Browser default behavior When we click a link, the browser will redirect us to anoth...

   JavaScript event,Event bubbling,event capturing     2012-11-15 11:15:41

  Cracks in the Foundation

PHP has been around for a long time, and it’s starting to show its age. From top to bottom, the language has creaky joints. I’ve decided to take a look at how things got to this point, and what can be (and is being) done about it. I start out pretty gloomy, but bear with me; I promise it gets better. In the Beginning, There Was Apache and CGI And there was much rejoicing. In 1994, Rasmus Lerdorf created the “Personal Home Page Tools,” a set of CGI binaries wri...

   PHP,History,Foundation design,Compatibility     2011-12-18 01:03:54

  The Essence of Google Dart: Building Applications, Snapshots, Isolates

WÑ–th thousands of programming languages floating around, why is Google introducing Google Dart? What can it possibly add? The short answer: the Google Dart team wanted a language well suited to modern application development, both on the server and the (mobile) client. Some of Dart's features address problems that languages like Java or Javascript have long had. Dart's Snapshots resemble Smalltalk images, allowing (nearly) instant application startup and wi...

   Dart,Google,Client side,Web,Language,Snapshort,Isolate     2011-10-24 11:41:16

  Spring – Web sockets in Java Development

Experts of java development team are sharing this article with entire java development community. The purpose behind intending this post is to explain spring – Web sockets as a concept to rest of the world. Technology: Web socket is the one of the protocol supported by web-browsers and web-servers. It provides the two-way communication between client and server. It is used in any Java application for providing the two way communication between client and server. It opens a connection betw...

   JAVA DEVELOPMENT,SPRING,JAVA TECHNOLOGY     2016-09-13 03:56:54

  Our Go Cache Library Choices

In Build a Go KV Cache from Scratch in 20 minutes, I walked you through what matters when writing a local cache, and eventually implemented one, whose performance was beaten badly by that of the popular go-cache on Github though. However, the bright side is that we can learn a lot from those excellent Github Go cache products, studying their features, applicable scenarios, and implementations, and extracting what we need. In this article, I will mainly analyze and compare the four...

   GOLANG,CACHE,GO-CACHE,BIGCACHE,GOURPCACHE     2022-04-16 07:48:11

  Why Emacs?

PreludeIf you are a professional writer – i.e., if someone else is getting paid to worry about how your words are formatted and printed – Emacs outshines all other editing software in approximately the same way that the noonday sun does the stars. It is not just bigger and brighter; it simply makes everything else vanish.Neal StephensonIn the Beginning … Was the Command LineI’m an Emacs user and I’m proud of the fact. I know my reasons for using it (and loving i...

   Emacs,Linux,IDE,Editor,Usage     2011-11-21 10:22:05

  How to Ace a Google Interview

Imagine a man named Jim. He's applying for a job at Google. Jim knows that the odds are stacked against him. Google receives a million job applications a year. It's estimated that only about 1 in 130 applications results in a job. By comparison, about 1 in 14 high-school students applying to Harvard gets accepted. Jim's first interviewer is late and sweaty: He's biked to work. He starts with some polite questions about Jim's work history. Jim eagerly explains his short career. The intervi...

   Google,Interview,Questions and answers,Job     2011-12-26 09:17:36

  Vim: revisited

I’ve had an off/on relationship with Vim for the past many years. Before, I never felt like we understood each other properly. Vim is almost useless without plugins and some essential settings in .vimrc, but fiddling with all the knobs and installing all the plugins that I thought I needed was a process that in the end stretched out from few hours to weeks, months even; and it the end it just caused frustration instead of making me a happier coder. Recently, I decided to give Vim ano...

   Linux,Editor,Vim,Setup,Quick guideline     2011-12-12 07:55:27

RECENT