SEARCH KEYWORD -- PATH


  Code coverage rate

When doing unit testing, the code coverage rate is often used as the criteria for measuring testing performance, even in some cases code coverage may be used to consider whether the testing task is completed or not. So testers need to spend much time on designing test cases which can cover as many codes as possible. There are advantages and disadvantages about using code coverage rate. First let's check what is code coverage rate: code coverage rate= the degree of code coverage in testing. There...

   Unit testing,Code coverage     2013-04-16 12:50:57

  IoT System Cyber Attack Case Study 02: Python Deserialization Attack and Library Hijacking Attack

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop that demonstrates how a red team attacker can permanently compromise a people detection radar IoT device. The attack path is achieved through a series of attacks, including traffic eavesdropping, data deserialization attacks, web shell attacks, remote command/code execution, and Python library hijacking attacks. This case study is intended for IoT and data security professional training, aiming to ill...

       2024-07-14 01:40:09

  Python PLC Honeypot: Env Deployment And Attack Detection

In the previous article, we introduced the design of Python PLC Honeypot Project, this article will provide detailed step-by-step instructions on how to deploy and use the honeypot system in your environment for detecting potential attacks on OT (Operational Technology) networks. The article includes three main section:   Design of Attack Alert and Notification Function Honeypot deployment: an example deployment of a mixed OT protocol honeypot, consisting of a simple setup with...

       2024-12-01 00:27:33

  Kubernetes Authentication & Authorization 101

If we want to build a system with user modules, Authentication and Authorization are something that we can never ignore, though they could be fuzzy to understand. Authentication (from Greek: αὐθεντικÏŒς authentikos, “real, genuine”, from αὐθέντης authentes, “author”) is the act of proving an assertion, such as the identity of a computer s...

   RBAC,AUTHORIZATION,AUTHENTICATION,KUBERNETES     2021-06-05 23:19:18

  Introduction to the Application of eBPF in Golang

Most of the time, when we develop software or even use software, we play within the safe boundaries of the operating system. We might not know how the network interface welcomes that IP packet, nor how the filesystem handles the inodes when we save a file. This boundary is called user space, which is where we write applications, libraries, and tools. But there's another world, kernel space, where the operating system's kernel resides and is responsible for managing system resources such as memor...

   EBPF,GOLANG,GUIDE,APPLICATION     2024-10-02 08:46:37

  Power Grid Simulation System 02 : FDI Power Outage Attack Case Study

We are excited to share that the Power Grid Simulation System we developed was used as part of one red team's targeted critical infrastructure system the international cyber exercise Crossed Swords 2024 which conducted in December 2024. In this article, we will introduce one power outage attack case study which use the Power Grid Simulation System as the demo platform for OT cyber security workshop. Project Design Purpose: This case study demonstrates using the Power Grid Simulation System as a...

       2025-01-11 07:35:45

  10 tools to make your shell script more powerful

Many people mistakenly think that shell scripts can only be run in command line. In fact shell can also call some GUI components such as menus,alert dialogs, progress bar etc. You can control the final output, cursor position and various output effects. Here we introduce some tools which can help you create powerful, interactive and user friendly Unix/Linux shell scripts. 1. notify-send This command can let you inform the process to send a desktop notification to users. This can be used to send ...

   shell,GUI,zenity     2013-04-05 08:50:41

  How Query Optimizer Works in RDBMS

In a previous post, we discussed how the various relational operators are implemented in relational database systems. If you have read that post, you probably still remember that there are a few alternative implementations for every operator. Thus, how should RDBMS determine which algorithm (or implementation) to use? Obviously, to optimize the performance for any query, RDBMS has to select the correct the algorithm based on the query. It would not be desirable to always use the same algori...

   DATABASE,DATABASE DESIGN,DATABASE OPTIMIZATION     2019-04-20 07:26:32

  IT System Cyber Attack Case Study 01: Malicious Macro and Backdoor Trojan Attack on IT-Network

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop showcasing a practical demonstration of a red team attacker implementing an IT system/network attack via a Malicious Macro MS-Office-Word file (CVE-2015-1641) and phishing email generation program to penetrate multiple layers of firewall defenses and implant a backdoor trojan into the railway system's OT network. Related Links: GitHub Project Link , LinkedIn Post Link Attacker Vector: Malicious Macro ...

       2024-08-03 08:21:49

  Example on integrating TypeScript with Webpack

TypeScript is now a very popular language to create typed JavaScript code to reduce development error. It provides a type system on top of JavaScript which has only a weak type system. Once the TypeScript code is developed, it can be compiled into corresponding JavaScript so that they can be loaded and parsed by browser. Webpack is another tool for bundling multiple JS files into a single one so that no multiple connections to be established between browser and server. when a page is loaded This...

   TYPESCRIPT,WEBPACK,JAVASCRIPT,EXAMPLE     2021-03-13 21:31:29

RECENT