my @list = sort { $a <=> $b } { $foo // [] }
This can produce a @list with {“ARRAY(0xdeadbeef)”:undef} inside.
https://open.spotify.com/episode/4myNcsIkVpo1OY8WMOVMze
台灣民眾黨
- WebGoat: A lab env for security testing.
- DVWA - “Damn Vulnerable Web App”
- XSS - A way to install then run a script on somebody else’s system.
(Not necessarily cross multiple sites.)
- impacting/attacking clients
- SQL Injection
- impacting/attacking DBs
- Remove command execution.
- impacting/attacking server
- CSRF. Cross-side requset forgery
- XML Attacks
- XPATH Injection (Similar to SQL Injection). Modify the xpath query and get more information back then it was supposed to.
- Session flaws (weak auth)
- session ids are copied and re-used on different computers, causing session forks.
- google hacking (GHDB) / Exploit database.
- 把 stack tracke / dying message 丟去 google 搜尋,就會找出一堆沒有實作 error handler 的網站。
- Firefox plugin TemperedData
- modify request before it is sent
- Cookie tempering
- Webalizer – quickly reveal the web server version.
- sslscan – basic checker, also check whether the target is vulnerbale to heartblead attack.
- `openssl s_client` – initiate a secure socket and let user interact similar to `telnet`.
sudo apt install -y build-essential curl
\curl https://install.perlbrew.pl | bash eval “$(./perl5/perlbrew/bin/perlbrew init-in-bash)”
perlbrew install perl-5.26.1 –notest
sudo yum install -y gcc curl patch perl
sudo apt install -y build-essential curl
for example, capture the mispelt “defult” here:
has legs => ( is => "ro", isa => "Int", defult => 4 )