Skip to content

Instantly share code, notes, and snippets.

View jipengxiang's full-sized avatar

JI PENGXIANG jipengxiang

9 followers · 3 following
View GitHub Profile
@jipengxiang
jipengxiang / Checkpoint Management server
Last active August 12, 2019 03:28
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Deploys a Check Point Management Server (20190715)",
"Metadata": {
"AWS::CloudFormation::Interface": {
"ParameterGroups": [
{
"Label": {
"default": "VPC Network Configuration"
},
@jipengxiang
jipengxiang / TotalNotifier
Last active May 11, 2019 04:41
Serverless Architecture
# TotalNotifier Lambda function
#
# This function is triggered when values are inserted into the Transactions DynamoDB table.
# Transaction totals are calculated and notifications are sent to SNS if limits are exceeded.
from __future__ import print_function
import json, boto3
# Connect to SNS
sns = boto3.client('sns')
@jipengxiang
jipengxiang / CSCAssignment1
Last active February 25, 2022 21:42
(1) PLease upload your client side code to call talents API
(2) AWS url for web API if you have PUBLISHED your web api to AWS
or url to S3 image
(3) Sequence diagram for calling Stripe API
or calling global weather web service
@jipengxiang
jipengxiang / Elearning-Task1819S2-SecureCoding
Created January 17, 2019 00:11
Please complete the following elearning tasks by 13/1/19 1159pm:
1) Complete the 3 coding exercises at https://mimosa-admin.arcadove.host
2) Complete Practical 6
Pract 6 submission to the Elearning Practical Submission Folder
@jipengxiang
jipengxiang / cscPractical3-ProductionV2Controller
Created November 15, 2018 03:49
using ProductStore.Models;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Web.Http;
using System.Web.Http.Cors;
namespace WebAPIRestful.Controllers
@jipengxiang
jipengxiang / cscPractical2
Last active November 8, 2018 03:57
using ProductStore.Models;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Web.Http;
using System.Web.Http.Cors;
namespace WebAPIRestful.Controllers
@jipengxiang
jipengxiang / st2512Practical4
Last active November 6, 2019 11:54
<input name="password" type="password" size="10" maxlength="8">
# String SQL injection for stage 1
' or 'a'='a';--
' or 1=1;--
abc' or 1=1;--
Select field1, field2 from table where username="" and password ='abc' or 1=1;--
@jipengxiang
jipengxiang / gist:b4619bef1d40805093ac8ee12b89d8ea
Created October 28, 2018 02:13
webgoat ClientsideServerSide validation
package org.owasp.webgoat.lessons;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Pattern;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.Div;
@jipengxiang
jipengxiang / ST2515AjaxAJAX Security->Insecure Client Storage
Created September 17, 2018 08:38
STAGE 1: For this exercise, your mission is to discover a coupon code Which is stored in the client side encrpted
and decrptedthe entered code to comapre
var coupons = ["nvojubmq",
"emph",
"sfwmjt",
"faopsc",
"fopttfsq",
"pxuttfsq"];
@jipengxiang
jipengxiang / ST2515Practical2ParameterTampering
Last active September 18, 2018 09:05
Batch file to start web goat container:
cd /D C:\LEcturer\ST2515\Download
java -jar webgoat-container-7.0.1-war-exec.jar -httpPort 8080
【WebGoat习题解析】Parameter Tampering->Bypass HTML Field Restrictions
The form below uses HTML form field restrictions. In order to pass this lesson, submit the form with each field containing
an unallowed value. You must submit invalid values for all six fields in one form submission.