SEARCH KEYWORD -- demo
Best practices of front end optimization
1. Use DocumentFragment or innerHTML to replace complex element insertion. DOM operations in the browser are expensive. Although browser performance has improved a lot, inserting multiple DOM elements is still expensive and affects page load speed. Assume we have a ul element on our page, and we now want to retrieve a JSON list using AJAX and then update the ul using JavaScript. Usually we might write it as: var list = document.querySelector('ul'); ajaxResult.items.forEach(function(item) { // ...
JavaScript,Front end,Optimization,Tips 2013-07-06 11:26:27
Some hidden XSS injection vulnerabilities
XSS injection refers to a web page generating unexpected executable JS code based on user input, which is then executed by the web browser; i.e., the source code sent to the web browser by the server contains illegal JS code, and this illegal JS code is related to the user's input. Common XSS injection vulnerabilities can be fixed with functions such as htmlspecialchars() (escaping HTML special characters) and strip_tags() or similar, but there are some hidden XSS injecti...
XSS,PHP,Security,Code,JavaScript 2012-08-27 20:32:08
Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb
This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work: [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...
CSS and HTML5 responsive images
With the popularity of Retina screens, the requirements for images in web pages are higher. How do we make sure an image is still clear when enlarged twice on a Retina screen? This brings much trouble to web developers; the good news is that CSS3 and HTML5 are trying to change this: we can use responsive images. What is a responsive image? It means the user agent loads different images according to the different resolutions of output devices, and it will not waste bandwidth either. In addition, it can load respective ...
CSS3, HTML5,image-set,responsive image 2013-03-10 03:30:07
Flows.network: Writing an LLM Application in Rust
Over the past year, large language models (LLMs) have been booming and developing vigorously. As an enthusiast of data systems, it would indeed seem outdated not to pursue and research this hot field at all. This article summarizes my recent practical experiences attempting to write an LLM application using Rust with flows.network. Concepts Related to Large Language Models When talking about large language models, it's impossible not to mention ChatGPT and OpenAI. Although OpenAI recently change...
LLM,RUST,APPLICATION,DEVELOPMENT 2024-09-30 21:38:04
IT System Cyber Attack Case Study 01: Malicious Macro and Backdoor Trojan Attack on IT-Network
Project Design Purpose: The objective of this cyber attack case study is to develop a workshop showcasing a practical demonstration of a red team attacker implementing an IT system/network attack via a Malicious Macro MS-Office-Word file (CVE-2015-1641) and phishing email generation program to penetrate multiple layers of firewall defenses and implant a backdoor trojan into the railway system's OT network. Related Links: GitHub Project Link , LinkedIn Post Link Attacker Vector: Malicious Macro ...
SIEM Big Data Visualization [03]:Graph-Based SIEM Log Analysis Dashboard
Program Design Purpose: The purpose of this program is to develop a Graph-Based SIEM (System Information and Event Management) dashboard that visualizes network communication patterns by processing and analyzing logs from IDS, firewalls, host computers, and other security devices. This dashboard will help security analysts quickly identify and investigate potential threats by using a Cytoscape-style Node-Edge graph for intuitive data representation. The program is an Angular plug-in which can i...
Secure Your Go Code With Vulnerability Check Tool
Security vulnerabilities exist in any language and any code, some are written by ourselves, but more are from the upstream dependencies, even the underlying Linux. We have discussed the security protection methods for Go and Kubernetes Image in Path to a Perfect Go Dockerfile and Image Vulnerability Scanning for Optimal Kubernetes Security, in which the security scanning was performed based on generic. As the Go community grows, more and more open-source packages have caused ...
GOVULNCHECK,GOSEC,GOLANG 2022-10-29 23:43:20
Simplify Cloud Data Security: A Deep Dive Into Protecting Sensitive Data in Java
Featuring encryption, anonymization, hashing, and access control. Network security incidents occur now and then, mostly caused by data leakage. Data security has aroused widespread concern, and the community keeps working hard on approaches to simplify data security, especially in sensitive data protection. Sensitive data includes but is not limited to personally identifiable information (PII) like names, ID numbers, passport numbers, driver’s license numbers, contact information like addre...
JAVA,SECURITY,ENCRYPTION,DECRYPTION,TOKENIZATION 2023-04-28 21:22:10
10 tools to make your shell script more powerful
Many people mistakenly think that shell scripts can only be run on the command line. In fact, the shell can also call GUI components such as menus, alert dialogs, progress bars, etc. You can control the final output, cursor position and various output effects. Here we introduce some tools which can help you create powerful, interactive and user-friendly Unix/Linux shell scripts. 1. notify-send This command lets you have a process send a desktop notification to users. This can be used to send ...