Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- First language

  SQL Injection through HTTP Headers

During vulnerability assessment or penetration testing, identifying the input vectors of the target application is a primordial step. Sometimes, when dealing with Web application testing, verification routines related to SQL injection flaws discovery are restricted to the GET and POST variables as the unique inputs vectors ever. What about other HTTP header parameters? Aren’t they potential input vectors for SQL injection attacks? How can one test all these HTTP parameters and whic...

   Code security,SQL injection,HTTP header     2012-04-05 11:42:04

  How I Learned to Program

Programming is, without a doubt, the most mentally rewarding thing I've ever done. Programming taught me that life should be fun, filled with creativity, and lived to the fullest. Programming taught me that anything is possible; I can do anything I want using only my mind. Programming also taught me that learning is fun. It showed me that the more you know, the more power you have. Programming showed me that a life filled with learning is a life worth living. Programming revealed to me wh...

   Programming,Tips,Write,Practice,Interest     2012-02-04 21:37:12

  Don’t Call Yourself A Programmer, And Other Career Advice

If there was one course I could add to every engineering education, it wouldn’t involve compilers or gates or time complexity.  It would be Realities Of Your Industry 101, because we don’t teach them and this results in lots of unnecessary pain and suffering.  This post aspires to be README.txt for your career as a young engineer.  The goal is to make you happy, by filling in the gaps in your education regarding how the “real world” actually works.  ...

   Career,Programmer,Advice,Low level,Development     2011-10-29 07:09:23

  A Fun Approach To Creating More Successful Websites

As Web designers and developers, each project we work with has a unique set of goals and requirements. But one goal we have for all of our projects is that we want them to make an impression on people — we want the websites that we create to be memorable. A fun experience is often an enjoyable one and an enjoyable experience is usually a memorable one. Therefore, it stands to reason that one of the ways to create a memorable experience is to make it a fun experience. In this article,...

   Web design,Elements,UI,Success     2012-03-05 05:10:07

  A walk through of different ways accessing Kubernetes application

When a web application is deployed on KUbernetes, to access the application, there must be some set up needs to be done so that external users can access the resource within the Kubernetes clusters. IN this post, we will walk through different ways to access application from outside. Before exploring different ways, let's set up a simple nginx eb application which will just serve the nginx welcome message when loading. # deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: ngin...

   KUBERNETES,PORT FORWARD,SERVICE,CLUSTERIP,NODEPORT,LOADBALANCER,INGRESS     2021-05-31 00:20:27

  #46 – Why software sucks

No one makes bad software on purpose. No benevolent programmer has ever sat down, planning out weeks of work, with the intention of frustrating people and making them cry. Bad software, or bad anything, happens because making things is hard, making good things doubly so. The three things that make it difficult are: Possessing the diverse skills needed not to suck.Understanding who you’re making the thing for.Orchestrating the interplay of skills, egos and constraints over the course of...

   Software design,Sucks,Software industry     2012-03-19 13:10:37

  JavaScript Attack/Defend

As developers and designers we work hard to build visually attractive, fast and easy to maintain applications. Our goals are to make sure the applications we build stick to users and keep them coming back for more. Security is not always at the forefront of our minds. No one intentionally builds insecure software but often a lack of security knowledge leads developers to build vulnerabilities into their applications. In this article we are going to examine two web security attacks, how they are ...

   JavaScript,Attack,Defend,Security,Cross site     2011-10-13 13:09:11

  FTP Must Die

The File Transfer Protocol (FTP) is specified in RFC 959, published in October 1985. The attempt in this specification is to satisfy the diverse needs of users of maxi-hosts, mini-hosts, personal workstations, and TACs, with a simple, and easily implemented protocol design.That's from the introduction. Does anyone here know what a TAC is? I don't. I had to look it up, since the acronym wasn't even expanded in the RFC. It took three tries in Google, and I finally found it in some obscur...

   FTP,Future,Death,Trend,Protocol     2012-02-06 08:13:36

  40+ Techniques to enhance your php code

1. Do not use relative paths , instead define a ROOT path Its quite common to see such lines : 1require_once('../../lib/some_class.php'); This approach has many drawbacks : It first searches for directories specified in the include paths of php , then looks from the current directory. So many directories are checked. When a script is included by another script in a different directory , its base directory changes to that of the including script. Another issue , is that when a script is being ru...

   PHP,Quirk,Trick,Efficiency,Techniques     2012-04-10 13:06:55

  PHP Security

1. IntroductionWriting PHP applications is pretty easy. Most people grasp the syntax rather quickly and will within short time be able to produce a script that works using tutorials, references, books, and help forum forums like the one we have here at PHP Freaks. The problem is that most people forget one of the most important aspects that one must consider when writing PHP applications. Many beginners forget the security aspect of PHP. Generally, your users are nice people, they will...

   PHP,Security,SQL Injection,XSS Cross sit     2011-10-01 02:25:31

RECENT