for webgtx/webgtx.io repository
| CVSS Metrics | Weakness | Attack vector | Integrity |
|---|---|---|---|
| CWE-20 | Network | High |
Alex Zolotarov webgtx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| void slice(const char *str, char *result, size_t start, size_t end) | |
| { | |
| strncpy(result, str + start, end - start); | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <string.h> | |
| #include <stdio.h> | |
| int main () { | |
| char str[80] = "This is - www.tutorialspoint.com - website"; | |
| const char s[2] = "-"; | |
| char *token; | |
| /* get the first token */ | |
| token = strtok(str, s); |
webgtx
/ SecurityReport.md
Created
September 5, 2022 07:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| while read line | |
| do | |
| echo "$line" | |
| done < "${1:-/dev/stdin}" |
webgtx
/ secdevopsVSdevsecops.md
Created
December 22, 2022 05:11
SecDevOps vs DevSecOps: A distinction with a difference
There’s an emerging conversation in information technology (IT) surrounding DevSecOps and SecDevOps and what, if anything, defines and distinguishes one from the other. While the overall goal might be the same — namely, to produce more secure applications — the approaches are quite different in both practice and philosophy.
DevSecOps is primarily concerned with integrating security processes into DevOps cycles while maintaining efficiency, while SecDevOps prioritizes security as much as the actual steps of integrating security into the DevOps process itself.
In essence, SecDevOps means making every decision from a security-first mindset. SecDevOps doesn’t integrate security so much as cultivate a security ethos within every team member to ensure that security becomes a shared responsibility across the entire application lifecycle.
While that sounds good in practice — after all, who doesn’t want better security when their data and br
Ideally, software and systems were designed from the start with the aim of eliminating dangerous security flaws. A pen test provides insight into how well that aim was achieved. Pen testing can help an organization
- Find weaknesses in systems
- Determine the robustness of controls
- Support compliance with data privacy and security regulations (e.g., PCI DSS, HIPAA, GDPR)
- Provide qualitative and quantitative examples of current security posture and budget priorities for management
Depending on the goals of a pen test, testers are given varying degrees of information about, or access to, the target system. In some cases, the pen testing team takes one approach at the start and sticks with it. Other times, the testing team evolves its strategy as its awareness of the system increases during the pen test. There are three levels of pen test access.
- Opaque box. The team doesn’t know anything about the interna
VPS (Virtual Private Server) hosting is generally considered to be more powerful and flexible than regular FTP (File Transfer Protocol) hosting. This is because a VPS allows you to have your own virtualized operating system, which gives you more control over the hosting environment. With a VPS, you can install custom software and configure your hosting environment to meet your specific needs.
In contrast, regular FTP hosting typically provides less control and flexibility. You are typically limited to using the software and configurations provided by the hosting provider, and may not have the ability to install custom software or make other configuration changes.
Additionally, VPS hosting typically offers more resources, such as memory and CPU, which can be beneficial if you have a resource-intensive website or application.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| local Players = game:GetService("Players") | |
| local ContextActionService = game:GetService("ContextActionService") | |
| local UserInputService = game:GetService("UserInputService") | |
| local RunService = game:GetService("RunService") | |
| local camera = workspace.CurrentCamera | |
| local cameraOffset = Vector3.new(2, 2, 8) | |
| local player = Players.LocalPlayer | |
| player.CharacterAdded:Connect(function(character) |
webgtx
/ oci_bucket_handle.py
Created
January 31, 2023 16:04
Simple script for handling data in OCI Bucket
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| url = "https://<object-storage-namespace>.compat.objectstorage.<region>.oraclecloud.com/n/<namespace-name>/b/<bucket-name>" | |
| # List objects in the bucket | |
| response = requests.get(url) | |
| if response.status_code == 200: | |
| object_list = response.text.split("\n") | |
| print("Objects in the bucket:") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdarg.h> | |
| #include <string.h> | |
| #include <sys/socket.h> | |
| #include <arpa/inet.h> | |
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <unistd.h> | |
| #define SERVER_PORT 80 | |
| #define MAXLINE 4096 |