Bolt like as Ansible alternative
Bolt is an open source orchestration tool that automates the manual work it takes to maintain your infrastructure.
* https://puppet.com/docs/bolt/latest/bolt.html
#tool
Bolt is an open source orchestration tool that automates the manual work it takes to maintain your infrastructure.
* https://puppet.com/docs/bolt/latest/bolt.html
#tool
Artillery - Cloud-scale performance testing
Very easy tool for web services benchmarking…:
* https://www.artillery.io
#tool
Very easy tool for web services benchmarking…:
* https://www.artillery.io
#tool
Artillery
Artillery · Full-stack performance & reliability testing
Keep production reliable, customers happy, and pagers silent.
2022-unit42-incident-response-report-final.pdf
3.1 MB
2022 Unit 42 Incident Response Report
Executive Summary: Every week brings news about threat actors—new campaigns, new groups, new types of attacks, new targets. Defenders can easily wind up playing catchup, but what does it take to flip the noscript?..
Big report abpout of top attacks trends and etc.
Executive Summary: Every week brings news about threat actors—new campaigns, new groups, new types of attacks, new targets. Defenders can easily wind up playing catchup, but what does it take to flip the noscript?..
Big report abpout of top attacks trends and etc.
Build an automated ecommerce app with WhatsApp Cloud API and Node.js
https://blog.logrocket.com/build-ecommerce-app-whatsapp-cloud-api-node-js/
https://blog.logrocket.com/build-ecommerce-app-whatsapp-cloud-api-node-js/
LogRocket Blog
Build an automated ecommerce app with WhatsApp Cloud API and Node.js - LogRocket Blog
The newly open-sourced WhatsApp Business API provides a new channel for ecommerce businesses to engage customers.
7 Daily Hacks For Programmers To Make Coding Skills Faster
https://dev.to/devsimc/7-daily-hacks-for-programmers-to-make-coding-skills-faster-a68
https://dev.to/devsimc/7-daily-hacks-for-programmers-to-make-coding-skills-faster-a68
DEV Community
7 Daily Hacks For Programmers To Make Coding Skills Faster
In 21st century, programming is everywhere. Some people are passionate about programming languages....
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself
https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself
Microsoft News
Ransomware as a service: Understanding the cybercrime gig economy and how to protect yourself
Microsoft coined the term “human-operated ransomware” to clearly define a class of attack driven by expert human intelligence at every step of the attack chain and culminate in intentional business disruption and extortion. In this blog, we explain the ransomware…
2207.05267.pdf
1.2 MB
Indoor optical fiber eavesdropping approach and its avoidance
🪢 A fast native data type for manipulating large strings in Redis
https://github.com/ekzhang/redis-rope
https://github.com/ekzhang/redis-rope
GitHub
GitHub - ekzhang/redis-rope: 🪢 A fast native data type for manipulating large strings in Redis
🪢 A fast native data type for manipulating large strings in Redis - ekzhang/redis-rope
Gum - A tool for glamorous shell noscripts. Leverage the power of Bubbles and Lip Gloss in your noscripts and aliases without writing any Go code
https://github.com/charmbracelet/gum
#tool #review
https://github.com/charmbracelet/gum
#tool #review
GitHub
GitHub - charmbracelet/bubbles: TUI components for Bubble Tea 🫧
TUI components for Bubble Tea 🫧. Contribute to charmbracelet/bubbles development by creating an account on GitHub.
The Four Golden Signals for SRE
The four golden signals of monitoring are latency, traffic, errors, and saturation. If you can only measure four metrics of your user-facing system, focus on these four…:
https://sre.google/sre-book/monitoring-distributed-systems/#xref_monitoring_golden-signals
The four golden signals of monitoring are latency, traffic, errors, and saturation. If you can only measure four metrics of your user-facing system, focus on these four…:
https://sre.google/sre-book/monitoring-distributed-systems/#xref_monitoring_golden-signals
Top Trending Python Frameworks Today
https://www.codemotion.com/magazine/backend/languages/top-python-frameworks/
https://www.codemotion.com/magazine/backend/languages/top-python-frameworks/
Codemotion Magazine
Top Trending Python Frameworks Today
Python is a popular, stable and easy-to-use coding language. Learn about its best frameworks for web applications, data science and more.
OctoSQL - is a query tool that allows you to join, analyse and transform data from multiple databases and file formats using SQL:
https://github.com/cube2222/octosql
https://github.com/cube2222/octosql
GitHub
GitHub - cube2222/octosql: OctoSQL is a query tool that allows you to join, analyse and transform data from multiple databases…
OctoSQL is a query tool that allows you to join, analyse and transform data from multiple databases and file formats using SQL. - cube2222/octosql
Fourteen Ways to Read the PID for the Local Security Authority Subsystem Service (LSASS)
Process enumeration is necessary prior to injecting shellcode or dumping memory. Threat actors tend to favour using CreateToolhelp32Snapshot with Process32First and Process32Next to gather a list of running processes. And if they’re a bit more tech-savvy, they’ll use the NtQuerySystemInformation system call directly.
Although this post will focus on obtaining a PID specifically for LSASS, the methods described here can be adapted to resolve PIDs for any process. Some of these are well known and have been discussed before, but there’s also a few new ones that many readers won’t be familiar with…
* https://www.mdsec.co.uk/2022/08/fourteen-ways-to-read-the-pid-for-the-local-security-authority-subsystem-service-lsass/
Process enumeration is necessary prior to injecting shellcode or dumping memory. Threat actors tend to favour using CreateToolhelp32Snapshot with Process32First and Process32Next to gather a list of running processes. And if they’re a bit more tech-savvy, they’ll use the NtQuerySystemInformation system call directly.
Although this post will focus on obtaining a PID specifically for LSASS, the methods described here can be adapted to resolve PIDs for any process. Some of these are well known and have been discussed before, but there’s also a few new ones that many readers won’t be familiar with…
* https://www.mdsec.co.uk/2022/08/fourteen-ways-to-read-the-pid-for-the-local-security-authority-subsystem-service-lsass/
MDSec
Fourteen Ways to Read the PID for the Local Security Authority Subsystem Service (LSASS) - MDSec
Introduction Process enumeration is necessary prior to injecting shellcode or dumping memory. Threat actors tend to favour using CreateToolhelp32Snapshot with Process32First and Process32Next to gather a list of running processes....
What Is Bun.js and Why Is the JavaScript Community Excited About It?
https://www.makeuseof.com/what-is-bunjs-why-the-javanoscript-community-excited/
https://www.makeuseof.com/what-is-bunjs-why-the-javanoscript-community-excited/
MUO
What Is Bun.js and Why Is the JavaScript Community Excited About It?
Bun.js is a new JavaScript runtime but why are so many developers excited by it?
Introducing the new npm Dependency Selector Syntax
https://github.blog/changelog/2022-08-03-introducing-the-new-npm-dependency-selector-syntax/
https://github.blog/changelog/2022-08-03-introducing-the-new-npm-dependency-selector-syntax/
NimicStack - Slack spoofing with Nim
NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs.
https://github.com/frkngksl/NimicStack
NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs.
https://github.com/frkngksl/NimicStack
KHS in Almaty (Kazakhstan) at 14-16 September.
With Jayson E. Street (DEF CON Groups Global Ambassador), Author book series of "Dissecting the hack: Series"...
Sys-Adm.in is not only an information partner, but also a participant in the conference 🎉
See more details on official KHS site: https://kazhackstan.kz
With Jayson E. Street (DEF CON Groups Global Ambassador), Author book series of "Dissecting the hack: Series"...
Sys-Adm.in is not only an information partner, but also a participant in the conference 🎉
See more details on official KHS site: https://kazhackstan.kz
squip.pdf
505.5 KB
SQUIP: Exploiting the Scheduler Queue Contention Side Channel
In this paper, we present the SQUIP attack, the first side-channel attack on scheduler queues. With SQUIP, we measure the precise degree of Scheduler Queue Usage (i.e., occupancy) via Interference Probing. We show that this occupancy level measurement works on microarchitectures of different vendors, namely the Apple M1, AMD Zen 2 and Zen 3…
In this paper, we present the SQUIP attack, the first side-channel attack on scheduler queues. With SQUIP, we measure the precise degree of Scheduler Queue Usage (i.e., occupancy) via Interference Probing. We show that this occupancy level measurement works on microarchitectures of different vendors, namely the Apple M1, AMD Zen 2 and Zen 3…