SEARCH KEYWORD -- PASS BY VALUE


  Sass Style Guide: A Sass Tutorial on How to Write Better CSS Code

Writing consistent and readable CSS that will scale well is a challenging process. Especially when the style sheets are getting larger, more complex, and harder to maintain. One of the tools available to developers to write better CSS are preprocessors. A preprocessor is a program that takes one type of data and converts it to another type of data, and in our case CSS preprocessors are preprocessing languages which are compiled to CSS. There are many CSS preprocessors that front-end develop...

   CSS,SASS,TUTORIAL     2015-09-17 06:40:47

  Python SSH Connection Tools

Program Design Purpose: We aim to create a simple Python SSH tool library that facilitates SSH communication, SCP file transfer, and SSH port forwarding through multiple jump hosts in an SSH tunnel chain. The library is designed to provide a simple API for establishing nested SSH tunnel connections through multiple jump hosts with customizable TCP ports. This allows users or their programs to automate SSH tasks such as: Batch processing SSH connection tasks, such as connecting to multiple ser...

       2024-08-30 04:46:05

  IoT System Cyber Attack Case Study 02: Python Deserialization Attack and Library Hijacking Attack

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop that demonstrates how a red team attacker can permanently compromise a people detection radar IoT device. The attack path is achieved through a series of attacks, including traffic eavesdropping, data deserialization attacks, web shell attacks, remote command/code execution, and Python library hijacking attacks. This case study is intended for IoT and data security professional training, aiming to ill...

       2024-07-14 01:40:09

  Android Security

Android is an open source mobile platform that includes an operating system, middleware and applications. Android has revolutionized the mobile world in a big way. Android, which started as an alternative to Apple’s iOS, is now slowly eating into the market share of Apple and is of primary concern to the company. Let’s have a brief introduction about android and then look into the security concerns and vulnerabilities that need to be focused on. Android Introduction: Android was deve...

   Android security,Input validation     2013-04-16 12:19:37

  Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb

This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work:   [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...

       2024-07-07 03:08:22

  File upload in PHP

File is a special kind of form data, when being uploaded to the server through HTTP POST request, PHP will create a $_FILES global array, the relevant file information will be stored in this global array. We will illustrate file upload with some code snippets using PHP and look into the internal work mechanism. Lastly will talk about file upload security. File upload In order for users to upload files in client side, we have to provide a form on the user interface. Since the uploaded file is a s...

   File upload,PHP     2012-11-30 22:01:28

  Understand GoLang WaitGroup internals and how it works

Background Before getting into the main content, let me give a brief introduction to WaitGroup and its related background knowledge. Here, the focus is on the basic usage of WaitGroup and the fundamental knowledge of system semaphores. For those who are familiar with these, you can skip this section directly. WaitGroup WaitGroup is one of the most common concurrency control techniques in Golang, and its function can be roughly compared to the join() in concurrency control of other languages' mul...

   GOLANG,WAITGROUP,SOURCE CODE     2023-04-26 08:02:01

  2D Indoor CQB Robot Simulation

Program Design Purpose: The integration of robots in Close Quarters Battle (CQB) represents a significant advancement in modern military and law enforcement tactics. These robots, designed to navigate tight spaces, gather real-time intelligence, and engage threats, are invaluable assets in high-stakes scenarios. Our goal is to develop a 2D tactical board simulation system, similar to a computer game, that can load building floor blueprints, display CQB squad (robot) positions, enemy locations, ...

       2024-08-11 08:40:31

  SIEM Big Data Visualization [02]: National Cyber Threats Dashboard

Dashboard for Summarizing SG National Cyber Threats in Critical Infrastructure Program Design Purpose: The purpose of this program is to develop a comprehensive Angular web dashboard plugin for a Security Information and Event Management (SIEM) system, focusing on the effective monitoring, categorization, summarization, and visualization of cyber threat events targeting Singapore's critical infrastructure. This dashboard will provide researchers and security managers with a clear, concise view ...

       2024-10-19 09:56:45

  When and How to Use the Go Channel

Go’s concise structure and powerful native library enable us to hit the ground running easily. It is more efficient than Java or Python when implementing the same functions, especially its concurrent programming, which is very handy and widely admired due to its goroutine and channel. goroutine and channel has much to dig into, and let’s start with channel, which I used to consider narrowly as a message queue to transfer data between gorouti...

   GOLANG,CONTEXT,CHANNEL     2022-09-17 23:06:36

RECENT