soheilsec

requirements:
OWASP top 10
kali linux
Active Directory concepts
Windows Internals
Linux Internals

Red Team 1 ->35-45 hours
    Network Fundamentals
    Web Application Security

probonopd

Think twice before abandoning Xorg. Wayland breaks everything!

Hence, if you are interested in existing applications to "just work" without the need for adjustments, then you may be better off avoiding Wayland.

Wayland solves no issues I have but breaks almost everything I need. Even the most basic, most simple things (like xkill) - in this case with no obvious replacement. And usually it stays broken, because the Wayland folks mostly seem to care about Automotive, Gnome, maybe KDE - and alienating everyone else (e.g., people using just an X11 window manager or something like GNUstep) in the process.

Wayland proponents make it seem like Wayland is "the successor" of Xorg, when in fact it is not. It is merely an incompatible alternative, and not even one that has (nor wants to have) feature parity (missing features). And unlike X11 (the X Window System), Wayland protocol designers actively avoid the concept of "windows" (making up incompr

sundowndev

Google dork cheatsheet

Search filters

Filter	Description	Example
allintext	Searches for occurrences of all the keywords given.	allintext:"keyword"
intext	Searches for the occurrences of keywords all at once or one at a time.	intext:"keyword"
inurl	Searches for a URL matching one of the keywords.	inurl:"keyword"
allinurl	Searches for a URL matching all the keywords in the query.	allinurl:"keyword"
intitle	Searches for occurrences of keywords in title all or one.	intitle:"keyword"

moyix

<?php

require ' vendor/autoload.php ' ;

/**

* Handles an HTTP request that contains information for registering/unregistering

* a FNA application.

jiri-jagos

ABOUT

about:config settings to harden the Firefox browser. Privacy and performance enhancements.
To change these settings type 'about:config' in the url bar. Then search the setting you would like to change and modify the value. Some settings may break certain websites from functioning and rendering normally. Some settings may also make firefox unstable.

I am not liable for any damages/loss of data.

Not all these changes are necessary and will be dependent upon your usage and hardware. Do some research on settings if you don't understand what they do. These settings are best combined with your standard privacy extensions (HTTPS Everywhere, NoScript/Request Policy, uBlock origin, agent spoofing, Privacy Badger etc), and all plugins set to "Ask To Activate".

nileshtrivedi

Programming: Mostly A Hate Story

I wanted to do digital signatures validation, preferably ed25519, inside PostgreSQL triggers. Here is how it went:

Surely pgcrypto must be supporting it, right? Most Postgres cloud hosting providers already support pgcrypto so this would be perfect. Right?

Well, pgcrypto only supports PGP and that too excludes digital signatures. Let's give PGP a try anyway and see how far can we go.

Installed gpg to generate the keys and the experience is less than pleasant. Sometimes it gets stuck at the passphrase prompt. The keys are too big, but still I can make pgcrypto's pgp_pub_encrypt and pgp_pub_decrypt methods work. Just remeber to convert keys in ASCII to binary and vice-versa using armor()/dearmor(). I hate the big key size in RSA, even though GPG defaults to 2048-bit keys and not the more secure 4096-bit ones. Let's look into ed25519 now.

markwhitaker

public final class MimeTypes
{
    public static final class Application
    {
        public static final String ATOM_XML = "application/atom+xml";
        public static final String ATOMCAT_XML = "application/atomcat+xml";
        public static final String ECMASCRIPT = "application/ecmascript";
        public static final String JAVA_ARCHIVE = "application/java-archive";
        public static final String JAVASCRIPT = "application/javascript";
        public static final String JSON = "application/json";

mapmeld

OverEncrypt

This is a guide that I wrote to improve the default security of my website https://fortran.io , which has a certificate from LetsEncrypt. I'm choosing to improve HTTPS security and transparency without consideration for legacy browser support.

WARNING: if you mess up settings, lose your certificates, or decide to no longer maintain HTTPS certs, these steps can and will make your domain inaccessible.

I would recommend these steps only if you have a specific need for information security, privacy, and trust with your users, and/or maintain a separate secure.example.com domain which won't mess up your main site. If you've been thinking about hosting a site on Tor, then this might be a good option, too.

The best resources that I've found for explaining these steps are https://https.cio.gov , https://certificate-transparency.org , and https://twitter.com/konklone

rondy

FWIW: I (@rondy) am not the creator of the content shared here, which is an excerpt from Edmond Lau's book. I simply copied and pasted it from another location and saved it as a personal note, before it gained popularity on news.ycombinator.com. Unfortunately, I cannot recall the exact origin of the original source, nor was I able to find the author's name, so I am can't provide the appropriate credits.

---

Effective Engineer - Notes

• By Edmond Lau
• Highly Recommended 👍
• http://www.theeffectiveengineer.com/

What's an Effective Engineer?

Arinerron

android.permission.ACCESS_ALL_DOWNLOADS
android.permission.ACCESS_BLUETOOTH_SHARE
android.permission.ACCESS_CACHE_FILESYSTEM
android.permission.ACCESS_CHECKIN_PROPERTIES
android.permission.ACCESS_CONTENT_PROVIDERS_EXTERNALLY
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.ACCESS_DOWNLOAD_MANAGER_ADVANCED
android.permission.ACCESS_DRM_CERTIFICATES
android.permission.ACCESS_EPHEMERAL_APPS
android.permission.ACCESS_FM_RADIO