SEARCH KEYWORD -- Validation



  All I Know About Certificates -- Clients

 Finally, in the last article we covered the responsibilities of CAs, showing that being a CA isn’t simple and has high management costs, which explains why issuing certificates costs money! In this article we will cover the client in this chain. Verifying Certificates as a Client: For clients, verifying certificates isn’t simple either. Articles introducing TLS handshakes often mention "the server sends back a certificate, and the client verifies it," but in reality, as ...

   CLIENTS,WEBSITES,SSL CERTIFICATE,CERTIFICATE AUTHORITY,CA     2024-07-26 22:24:30

  HTML Email Guide

Many of us subscribe to newsletters, such as JavaScript Weekly, to get updates about a site or information about a topic; we may receive an email every week or every month to know what's happening there. The email we receive is just a simple HTML page, but in an email format called HTML Email. It seems simple to write this kind of HTML Email, but it is not so easy. It takes much effort just to design an email template. Whether the HTML Email can be displayed norm...

   HTML Email,Guide     2013-06-16 03:38:36

  Android Security

Android is an open source mobile platform that includes an operating system, middleware and applications. Android has revolutionized the mobile world in a big way. Android, which started as an alternative to Apple’s iOS, is now slowly eating into the market share of Apple and is of primary concern to the company. Let’s have a brief introduction to Android and then look into the security concerns and vulnerabilities that need to be focused on. Android Introduction: Android was deve...

   Android security,Input validation     2013-04-16 12:19:37

  Spring – Web sockets in Java Development

Experts of the Java development team are sharing this article with the entire Java development community. The purpose of this post is to explain Spring – Web sockets as a concept to the rest of the world. Technology: Web socket is one of the protocols supported by web browsers and web servers. It provides two-way communication between client and server. It is used in any Java application for providing two-way communication between client and server. It opens a connection betw...

   JAVA DEVELOPMENT,SPRING,JAVA TECHNOLOGY     2016-09-13 03:56:54

  Kubernetes Authentication & Authorization 101

If we want to build a system with user modules, Authentication and Authorization are something that we can never ignore, though they could be fuzzy to understand. Authentication (from Greek: αὐθεντικός authentikos, “real, genuine”, from αὐθέντης authentes, “author”) is the act of proving an assertion, such as the identity of a computer s...

   RBAC,AUTHORIZATION,AUTHENTICATION,KUBERNETES     2021-06-05 23:19:18

  Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb

This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work:   [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...

       2024-07-07 03:08:22

  Do Not Be Misled by ‘Build an App in 5 Minutes’: In-Depth Practice with Cursor

In August this year, I tried out Cursor and was thoroughly impressed, prompting me to write an introductory article about it. Soon after, I transitioned my daily work environment entirely from GitHub Copilot + JetBrains to the paid version of Cursor. After several months of use, it has felt incredibly smooth. While using it myself, I’ve often recommended Cursor to colleagues and friends. However, many of them still have questions, such as: What advantages does it have over native ChatGPT ...

   ARTIFICIAL INTELLIGENCE,GUIDE,CURSOR,CODE EDITING,WINDSURF,DISCUSSION     2024-12-17 21:30:22

  IoT System Cyber Attack Case Study 02: Python Deserialization Attack and Library Hijacking Attack

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop that demonstrates how a red team attacker can permanently compromise a people detection radar IoT device. The attack path is achieved through a series of attacks, including traffic eavesdropping, data deserialization attacks, web shell attacks, remote command/code execution, and Python library hijacking attacks. This case study is intended for IoT and data security professional training, aiming to ill...

       2024-07-14 01:40:09