SEARCH KEYWORD -- EXECUTABLE JAR


  Use DTrace to diagnose gdb issues

A few days ago, I installed the newest 64-bit gdb program (version 7.7.1) on Solaris 10 (X86_64 platform) to debug programs. After playing with the gdb a day, I found 2 issues about gdb:(1) The "set follow-fork-mode child" command doesn't take effect. By default, after the parent process forks the child process, the gdb will track the parent process, so this command can make gdb begin to follow the child process. But this command works OK on Linux.(2) The gdb can't parse the 32-bit application c...

   DTrace, debug, gdb, UNIX     2014-06-28 05:11:20

  Android Security

Android is an open source mobile platform that includes an operating system, middleware and applications. Android has revolutionized the mobile world in a big way. Android, which started as an alternative to Apple’s iOS, is now slowly eating into the market share of Apple and is of primary concern to the company. Let’s have a brief introduction about android and then look into the security concerns and vulnerabilities that need to be focused on. Android Introduction: Android was deve...

   Android security,Input validation     2013-04-16 12:19:37

  Cloud Computing’s most Basic Concepts-Service Models

With the containerization of Docker, Kubernetes, CNCF, and the development of open-source communities, related frameworks and technology is booming and iterating rapidly. Cloud Computing, been applied for many years, is pushing developers into the new technological era. Companies and developers who are not using or not planning to use Cloud-Native gradually feel tremendous pressure in keeping up with the technology trends. The first step is to understand the concepts of IaaS, PaaS, FaaS, SaaS, S...

   CLOUD,PAAS,IAAS,CONCEPT     2021-01-24 05:23:11

  Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb

This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work:   [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...

       2024-07-07 03:08:22

  Mock Solutions for GoLang Unit Test

In Go development, Unit Test is inevitable. And it is essential to use Mock when writing Unit Tests. Mock can help test isolate the business logic it depends on, enabling it to compile, link, and run independently. Mock needs Stub. Stub function replaces the real business logic function, returns the required result, and assists the test. I involved the related test code for Controllers while writing Kubernetes Operator recently, and there would be mocks for GRPC and HT...

   UNIT TEST,TESTIFY,GOSTUB,GOMOCK     2020-10-31 21:59:15

  IT System Cyber Attack Case Study 01: Malicious Macro and Backdoor Trojan Attack on IT-Network

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop showcasing a practical demonstration of a red team attacker implementing an IT system/network attack via a Malicious Macro MS-Office-Word file (CVE-2015-1641) and phishing email generation program to penetrate multiple layers of firewall defenses and implant a backdoor trojan into the railway system's OT network. Related Links: GitHub Project Link , LinkedIn Post Link Attacker Vector: Malicious Macro ...

       2024-08-03 08:21:49

  IoT System Cyber Attack Case Study 02: Python Deserialization Attack and Library Hijacking Attack

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop that demonstrates how a red team attacker can permanently compromise a people detection radar IoT device. The attack path is achieved through a series of attacks, including traffic eavesdropping, data deserialization attacks, web shell attacks, remote command/code execution, and Python library hijacking attacks. This case study is intended for IoT and data security professional training, aiming to ill...

       2024-07-14 01:40:09

RECENT