Lets play a game - 0xOPOsec 2018 Summer CTF
•
0 likes•102 views
This document discusses a summer challenge involving assessing a website and hacking into various systems. It describes fuzzing the website, finding source code, analyzing strange code and programming languages, cracking binaries, exploiting a vulnerable WordPress installation with SQL injection and backdoors, gaining shell access on a server, escalating privileges on the server, and concluding by providing the author's contact details.
Report
Share
Report
Share
Download to read offline
![ØxOPOSɆC 2018 Summer Challenge - Mɇɇtuᵽ [Øx6E]](https://image.slidesharecdn.com/letsplayagame-0xoposecsummerctf-180928085548/85/Lets-play-a-game-0xOPOsec-2018-Summer-CTF-1-320.jpg)
Recommended
10 Eclipse Tips in 15 Minutes
This is the slides of "10 Eclipse Tips in 15 minutes" talk in JCConf 2014. Please check https://github.com/haocheng/10-eclipse-tips for code reference.
Git Basics Workshop Summer of Tech 2010
Presentation about version control and Git. Workshop exercises at http://github.com/kuahyeow/git-workshop
YAPC::TV essentials
This document provides links and information for accessing video content from YAPC (Yet Another Perl Conference) events. It includes URLs for the YAPC video portal site, feeds for different languages, and metadata for embedding a specific video. The document contains details on playing and embedding YAPC videos from various sources on the web.
Про YAPC::TV
The document contains information about YAPC::TV, including links to videos from past YAPC conferences and details on embedding a video player and video metadata in JSON and XML formats. Specifically, it provides links to video archives from past Perl conferences, URLs for the YAPC::TV RSS feeds in English and Russian, an example of a video embed code, and an example JSON response for a video. It also lists the author of the video as Roman Belikin and includes their name and contact information in Russian at the end.
Introducción a HTML5 & CSS3
This document provides a list of resources for learning HTML5 and CSS3, including websites, tutorials, cheat sheets, frameworks, and demos. Some of the key resources mentioned are diveintohtml5.info for an HTML5 tutorial, woorkup.com for an HTML5 cheat sheet, html5boilerplate.com for a framework, caniuse.com to check browser support, and lea.verou.me/css3-secrets for a CSS3 secrets guide. The document recommends these resources for learning the latest standards of HTML5 and CSS3.
Testing Grails 3, the goob (unit), the bad (integration) and the ugly (functi...
Testing Grails 3, the goob (unit), the bad (integration) and the ugly (functi...Alberto De Ávila Hernández
Code available at: https://github.com/albertodeavila/testingGrails3
Do you want to know how to testing Grails 3 apps? Here you will find the following:
- Unit test
- Integration test
- Functional test
All of these, using Spock, Geb, Groovy, Grails and Gradle.
Let Codenarc check if you write good Groovy code
This document discusses the static code analysis tool Codenarc. It begins by introducing Codenarc and what it is used for. It then discusses why one should use Codenarc to check for coding standard violations and improve code quality. The document outlines Codenarc's rule-based system and categories of rules. It provides instructions on configuring Codenarc in Grails 3 projects and describes how to create custom rules. It concludes that Codenarc makes it easy to enforce coding standards and maintain a unified code style.
Nitro for your Grails App: How to improve performance!! Greach' 18
Do you want to improve the performance of your Grails Applications? In this presentation you will find the mains topics you have to change into your grails application to be more efficient and faster. You will find some tricks about domain classes, async logging, parallelism, regex, querying and tools.
Recommended
10 Eclipse Tips in 15 Minutes
This is the slides of "10 Eclipse Tips in 15 minutes" talk in JCConf 2014. Please check https://github.com/haocheng/10-eclipse-tips for code reference.
Git Basics Workshop Summer of Tech 2010
Presentation about version control and Git. Workshop exercises at http://github.com/kuahyeow/git-workshop
YAPC::TV essentials
This document provides links and information for accessing video content from YAPC (Yet Another Perl Conference) events. It includes URLs for the YAPC video portal site, feeds for different languages, and metadata for embedding a specific video. The document contains details on playing and embedding YAPC videos from various sources on the web.
Про YAPC::TV
The document contains information about YAPC::TV, including links to videos from past YAPC conferences and details on embedding a video player and video metadata in JSON and XML formats. Specifically, it provides links to video archives from past Perl conferences, URLs for the YAPC::TV RSS feeds in English and Russian, an example of a video embed code, and an example JSON response for a video. It also lists the author of the video as Roman Belikin and includes their name and contact information in Russian at the end.
Introducción a HTML5 & CSS3
This document provides a list of resources for learning HTML5 and CSS3, including websites, tutorials, cheat sheets, frameworks, and demos. Some of the key resources mentioned are diveintohtml5.info for an HTML5 tutorial, woorkup.com for an HTML5 cheat sheet, html5boilerplate.com for a framework, caniuse.com to check browser support, and lea.verou.me/css3-secrets for a CSS3 secrets guide. The document recommends these resources for learning the latest standards of HTML5 and CSS3.
Testing Grails 3, the goob (unit), the bad (integration) and the ugly (functi...
Testing Grails 3, the goob (unit), the bad (integration) and the ugly (functi...Alberto De Ávila Hernández
Code available at: https://github.com/albertodeavila/testingGrails3
Do you want to know how to testing Grails 3 apps? Here you will find the following:
- Unit test
- Integration test
- Functional test
All of these, using Spock, Geb, Groovy, Grails and Gradle.
Let Codenarc check if you write good Groovy code
This document discusses the static code analysis tool Codenarc. It begins by introducing Codenarc and what it is used for. It then discusses why one should use Codenarc to check for coding standard violations and improve code quality. The document outlines Codenarc's rule-based system and categories of rules. It provides instructions on configuring Codenarc in Grails 3 projects and describes how to create custom rules. It concludes that Codenarc makes it easy to enforce coding standards and maintain a unified code style.
Nitro for your Grails App: How to improve performance!! Greach' 18
Do you want to improve the performance of your Grails Applications? In this presentation you will find the mains topics you have to change into your grails application to be more efficient and faster. You will find some tricks about domain classes, async logging, parallelism, regex, querying and tools.
CAR Email 5.16.03
The document is an email from Harvey Reid at the EPA sending a response from the EPA to CEI (Competitive Enterprise Institute) regarding their letter on the Climate Action Report. It was sent to various individuals at government agencies. Attached is a PDF document containing the EPA's response. The email also provides links to pages on the EPA website that have been modified to reference the Climate Action Report as a State Department document.
CAR Email 5.16.03 (a)
The document is an email from Harvey Reid at the EPA sending a response from the EPA to CEI regarding CEI's letter on the Climate Action Report. It was sent to various individuals at government agencies. Attached is a PDF file from the EPA responding to CEI. The email also provides a link to where the response has been posted on the EPA website and notes some website changes made to cite the Climate Action Report as a State Department document.
Learning iPython Notebook Volatility Memory Forensics
The document provides links to additional resources for learning about digital forensics and incident response topics. These include links to websites, documentation, code repositories, and data sets that cover areas like Python scripting, Hadoop, machine learning, memory forensics, and fuzzy hashing. Code examples are given for working with arrays, images, graphs and comparing hashes against files.
Pitch presentation
This document provides links to YouTube videos and images as part of a final music video project. It lists hip hop artists and music video directors that were influences. It states that the genre of the music video will be hip hop as that genre suits the music and lyrics being produced.
CAR Emails 6.12.02 (b)
The document is an email forwarded by Patricia Haman at the EPA on June 12, 2002. It contains a mass email sent to all EPA email users on June 7, 2002 with news from the EPA Administrator. The email notes that an error was made in an earlier communication about the US Climate Action Report and provides a corrected section on that report, stating that the Bush administration's opposition to the Kyoto Treaty has been consistent.
CMB Momentum '17: The 60-Second Messaging Masterclass
This document contains a collection of quotes and passages on various topics including family, faith, grace, struggle, and life's lessons. It discusses asking hard questions of parents, respecting others, God's transforming power, and finding meaning in life's challenges. Throughout are messages of hope, strength, and wisdom.
DeakinPE Session
The document discusses using technology tools and apps to enhance physical education programs for 21st century students. It lists over 30 apps that can be used for various purposes like tracking fitness, assessing skills, managing class data, and more. The document encourages incorporating these information and communication technologies into PE pedagogies and provides examples of classroom activities where students can teach skills on video or take on roles for a sports simulation activity.
Pairing with the queen
Diego Pacheco discusses his experiences with agile software development techniques like pairing, Scrum, and XP. He shares photos and links related to starting a new project, managing costs and contracts, transparency, collaboration tools, code reviews, and retrospectives. Pacheco thanks his audience at the end.
【workface 分享】斜槓上班族的故事 , 2019_4_26
This document contains questions from a user and responses from Foxfirejack@gmail.com providing recommendations and advice. The responses include links to video tutorials and articles on topics such as UI/UX design, web development, Adobe programs, and job interviews. Project experiences and qualifications are also listed, ranging from 2010 to present. Contact information is provided at the end for additional questions.
Startup and Rapid web development
How we used Rapid web development frameworks like CakePHP and Ruby on Rails to launch our startup and build in record time.
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
HERE IS YOUR WEBINAR CONTENT! 'Mastering Customer Journey Management with Dr. Graham Hill'. We hope you find the webinar recording both insightful and enjoyable.
In this webinar, we explored essential aspects of Customer Journey Management and personalization. Here’s a summary of the key insights and topics discussed:
Key Takeaways:
Understanding the Customer Journey: Dr. Hill emphasized the importance of mapping and understanding the complete customer journey to identify touchpoints and opportunities for improvement.
Personalization Strategies: We discussed how to leverage data and insights to create personalized experiences that resonate with customers.
Technology Integration: Insights were shared on how inQuba’s advanced technology can streamline customer interactions and drive operational efficiency.
Essentials of Automations: Exploring Attributes & Automation Parameters
Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they?
Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality.
You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.
A Deep Dive into ScyllaDB's Architecture
This talk will cover ScyllaDB Architecture from the cluster-level view and zoom in on data distribution and internal node architecture. In the process, we will learn the secret sauce used to get ScyllaDB's high availability and superior performance. We will also touch on the upcoming changes to ScyllaDB architecture, moving to strongly consistent metadata and tablets.
AppSec PNW: Android and iOS Application Security with MobSF
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
Main news related to the CCS TSI 2023 (2023/1695)
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
What began over 115 years ago as a supplier of precision gauges to the automotive industry has evolved into being an industry leader in the manufacture of product branding, automotive cockpit trim and decorative appliance trim. Value-added services include in-house Design, Engineering, Program Management, Test Lab and Tool Shops.
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Dmitrii Kamaev, PhD
Senior Product Owner - QIAGEN
Session 1 - Intro to Robotic Process Automation.pdf
👉 Check out our full 'Africa Series - Automation Student Developers (EN)' page to register for the full program:
https://bit.ly/Automation_Student_Kickstart
In this session, we shall introduce you to the world of automation, the UiPath Platform, and guide you on how to install and setup UiPath Studio on your Windows PC.
📕 Detailed agenda:
What is RPA? Benefits of RPA?
RPA Applications
The UiPath End-to-End Automation Platform
UiPath Studio CE Installation and Setup
💻 Extra training through UiPath Academy:
Introduction to Automation
UiPath Business Automation Platform
Explore automation development with UiPath Studio
👉 Register here for our upcoming Session 2 on June 20: Introduction to UiPath Studio Fundamentals: https://community.uipath.com/events/details/uipath-lagos-presents-session-2-introduction-to-uipath-studio-fundamentals/
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
Tomaz Bratanic
Graph ML and GenAI Expert - Neo4j
Leveraging the Graph for Clinical Trials and Standards
Katja Glaß
OpenStudyBuilder Community Manager - Katja Glaß Consulting
Marius Conjeaud
Principal Consultant - Neo4j
More Related Content
Similar to Lets play a game - 0xOPOsec 2018 Summer CTF
CAR Email 5.16.03
The document is an email from Harvey Reid at the EPA sending a response from the EPA to CEI (Competitive Enterprise Institute) regarding their letter on the Climate Action Report. It was sent to various individuals at government agencies. Attached is a PDF document containing the EPA's response. The email also provides links to pages on the EPA website that have been modified to reference the Climate Action Report as a State Department document.
CAR Email 5.16.03 (a)
The document is an email from Harvey Reid at the EPA sending a response from the EPA to CEI regarding CEI's letter on the Climate Action Report. It was sent to various individuals at government agencies. Attached is a PDF file from the EPA responding to CEI. The email also provides a link to where the response has been posted on the EPA website and notes some website changes made to cite the Climate Action Report as a State Department document.
Learning iPython Notebook Volatility Memory Forensics
The document provides links to additional resources for learning about digital forensics and incident response topics. These include links to websites, documentation, code repositories, and data sets that cover areas like Python scripting, Hadoop, machine learning, memory forensics, and fuzzy hashing. Code examples are given for working with arrays, images, graphs and comparing hashes against files.
Pitch presentation
This document provides links to YouTube videos and images as part of a final music video project. It lists hip hop artists and music video directors that were influences. It states that the genre of the music video will be hip hop as that genre suits the music and lyrics being produced.
CAR Emails 6.12.02 (b)
The document is an email forwarded by Patricia Haman at the EPA on June 12, 2002. It contains a mass email sent to all EPA email users on June 7, 2002 with news from the EPA Administrator. The email notes that an error was made in an earlier communication about the US Climate Action Report and provides a corrected section on that report, stating that the Bush administration's opposition to the Kyoto Treaty has been consistent.
CMB Momentum '17: The 60-Second Messaging Masterclass
This document contains a collection of quotes and passages on various topics including family, faith, grace, struggle, and life's lessons. It discusses asking hard questions of parents, respecting others, God's transforming power, and finding meaning in life's challenges. Throughout are messages of hope, strength, and wisdom.
DeakinPE Session
The document discusses using technology tools and apps to enhance physical education programs for 21st century students. It lists over 30 apps that can be used for various purposes like tracking fitness, assessing skills, managing class data, and more. The document encourages incorporating these information and communication technologies into PE pedagogies and provides examples of classroom activities where students can teach skills on video or take on roles for a sports simulation activity.
Pairing with the queen
Diego Pacheco discusses his experiences with agile software development techniques like pairing, Scrum, and XP. He shares photos and links related to starting a new project, managing costs and contracts, transparency, collaboration tools, code reviews, and retrospectives. Pacheco thanks his audience at the end.
【workface 分享】斜槓上班族的故事 , 2019_4_26
This document contains questions from a user and responses from Foxfirejack@gmail.com providing recommendations and advice. The responses include links to video tutorials and articles on topics such as UI/UX design, web development, Adobe programs, and job interviews. Project experiences and qualifications are also listed, ranging from 2010 to present. Contact information is provided at the end for additional questions.
Startup and Rapid web development
How we used Rapid web development frameworks like CakePHP and Ruby on Rails to launch our startup and build in record time.
Similar to Lets play a game - 0xOPOsec 2018 Summer CTF (10)
Learning iPython Notebook Volatility Memory Forensics
Learning iPython Notebook Volatility Memory Forensics
CMB Momentum '17: The 60-Second Messaging Masterclass
CMB Momentum '17: The 60-Second Messaging Masterclass
Recently uploaded
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
HERE IS YOUR WEBINAR CONTENT! 'Mastering Customer Journey Management with Dr. Graham Hill'. We hope you find the webinar recording both insightful and enjoyable.
In this webinar, we explored essential aspects of Customer Journey Management and personalization. Here’s a summary of the key insights and topics discussed:
Key Takeaways:
Understanding the Customer Journey: Dr. Hill emphasized the importance of mapping and understanding the complete customer journey to identify touchpoints and opportunities for improvement.
Personalization Strategies: We discussed how to leverage data and insights to create personalized experiences that resonate with customers.
Technology Integration: Insights were shared on how inQuba’s advanced technology can streamline customer interactions and drive operational efficiency.
Essentials of Automations: Exploring Attributes & Automation Parameters
Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they?
Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality.
You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.
A Deep Dive into ScyllaDB's Architecture
This talk will cover ScyllaDB Architecture from the cluster-level view and zoom in on data distribution and internal node architecture. In the process, we will learn the secret sauce used to get ScyllaDB's high availability and superior performance. We will also touch on the upcoming changes to ScyllaDB architecture, moving to strongly consistent metadata and tablets.
AppSec PNW: Android and iOS Application Security with MobSF
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
Main news related to the CCS TSI 2023 (2023/1695)
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
What began over 115 years ago as a supplier of precision gauges to the automotive industry has evolved into being an industry leader in the manufacture of product branding, automotive cockpit trim and decorative appliance trim. Value-added services include in-house Design, Engineering, Program Management, Test Lab and Tool Shops.
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Dmitrii Kamaev, PhD
Senior Product Owner - QIAGEN
Session 1 - Intro to Robotic Process Automation.pdf
👉 Check out our full 'Africa Series - Automation Student Developers (EN)' page to register for the full program:
https://bit.ly/Automation_Student_Kickstart
In this session, we shall introduce you to the world of automation, the UiPath Platform, and guide you on how to install and setup UiPath Studio on your Windows PC.
📕 Detailed agenda:
What is RPA? Benefits of RPA?
RPA Applications
The UiPath End-to-End Automation Platform
UiPath Studio CE Installation and Setup
💻 Extra training through UiPath Academy:
Introduction to Automation
UiPath Business Automation Platform
Explore automation development with UiPath Studio
👉 Register here for our upcoming Session 2 on June 20: Introduction to UiPath Studio Fundamentals: https://community.uipath.com/events/details/uipath-lagos-presents-session-2-introduction-to-uipath-studio-fundamentals/
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
Tomaz Bratanic
Graph ML and GenAI Expert - Neo4j
Leveraging the Graph for Clinical Trials and Standards
Katja Glaß
OpenStudyBuilder Community Manager - Katja Glaß Consulting
Marius Conjeaud
Principal Consultant - Neo4j
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
This LF Energy webinar took place June 20, 2024. It featured:
-Alex Thornton, LF Energy
-Hallie Cramer, Google
-Daniel Roesler, UtilityAPI
-Henry Richardson, WattTime
In response to the urgency and scale required to effectively address climate change, open source solutions offer significant potential for driving innovation and progress. Currently, there is a growing demand for standardization and interoperability in energy data and modeling. Open source standards and specifications within the energy sector can also alleviate challenges associated with data fragmentation, transparency, and accessibility. At the same time, it is crucial to consider privacy and security concerns throughout the development of open source platforms.
This webinar will delve into the motivations behind establishing LF Energy’s Carbon Data Specification Consortium. It will provide an overview of the draft specifications and the ongoing progress made by the respective working groups.
Three primary specifications will be discussed:
-Discovery and client registration, emphasizing transparent processes and secure and private access
-Customer data, centering around customer tariffs, bills, energy usage, and full consumption disclosure
-Power systems data, focusing on grid data, inclusive of transmission and distribution networks, generation, intergrid power flows, and market settlement data
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
Skybuffer SAM4U tool for SAP license adoption
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Demystifying Knowledge Management through Storytelling
The Department of Veteran Affairs (VA) invited Taylor Paschal, Knowledge & Information Management Consultant at Enterprise Knowledge, to speak at a Knowledge Management Lunch and Learn hosted on June 12, 2024. All Office of Administration staff were invited to attend and received professional development credit for participating in the voluntary event.
The objectives of the Lunch and Learn presentation were to:
- Review what KM ‘is’ and ‘isn’t’
- Understand the value of KM and the benefits of engaging
- Define and reflect on your “what’s in it for me?”
- Share actionable ways you can participate in Knowledge - - Capture & Transfer
Choosing The Best AWS Service For Your Website + API.pptx
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
High performance Serverless Java on AWS- GoTo Amsterdam 2024
Java is for many years one of the most popular programming languages, but it used to have hard times in the Serverless community. Java is known for its high cold start times and high memory footprint, comparing to other programming languages like Node.js and Python. In this talk I'll look at the general best practices and techniques we can use to decrease memory consumption, cold start times for Java Serverless development on AWS including GraalVM (Native Image) and AWS own offering SnapStart based on Firecracker microVM snapshot and restore and CRaC (Coordinated Restore at Checkpoint) runtime hooks. I'll also provide a lot of benchmarking on Lambda functions trying out various deployment package sizes, Lambda memory settings, Java compilation options and HTTP (a)synchronous clients and measure their impact on cold and warm start times.
Recently uploaded (20)
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
Essentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation Parameters
AppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSF
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Session 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdf
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Demystifying Knowledge Management through Storytelling
Demystifying Knowledge Management through Storytelling
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
9 CEO's who hit $100m ARR Share Their Top Growth Tactics Nathan Latka, Founde...
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
High performance Serverless Java on AWS- GoTo Amsterdam 2024
High performance Serverless Java on AWS- GoTo Amsterdam 2024
Lets play a game - 0xOPOsec 2018 Summer CTF
- 1. ØxOPOSɆC 2018 Summer Challenge - Mɇɇtuᵽ [Øx6E]
- 3. Have a l00k?!?! Dude… I can’t see sh*t!! What we got: ● HTML only website ● No juicy HTML or JS comments What can we do?? ● Let’s go Neanderthal on it and fuzz ALL the things!!!
- 4. PEW PEW PEW PEW PEW PEW PEW PEW PEW PEW PEW PEW PEW PEW PEW PEW PEW PEW
- 5. Houston we have the sauce code!! $ wget --mirror http://summerchallenge.apl3b.com/002E95AC03 439AF96A79E469AB9B5C872E4A51EE5BEFE23A DEFDE27D148A1ED2F9E90E404859ED34D25836 D81268DE9C50E773E4529D434FABA9D9797A1 362FD/.git/ $ git reset --hard HEAD is now at f2c9fd9 Update 8JUCv3fZ44.html $ curl http://summerchallenge.apl3b.com/002E95AC03 439AF96A79E469AB9B5C872E4A51EE5BEFE23A DEFDE27D148A1ED2F9E90E404859ED34D25836 D81268DE9C50E773E4529D434FABA9D9797A1 362FD/8JUCv3fZ44.html
- 6. Houston we have the sauce code!!
- 7. Lost In Translation Dafuq am I reading??? What we got: ● Weird looking language or code. Is it a programming language? What can we do?? ● Let’s Google-Fu it! Google: “weird programming language”
- 10. Crack me if you can! What we got: ● Random binary that needs cracking But what can we do?....
- 11. The Good
- 12. The Bad
- 13. The Ugly
- 14. The Ugly
- 15. The Ugly
- 16. The Ugly
- 17. We love Web 2.0 What we got: ● Very old Wordpress instance. What can we do?? ● Wpscan FTW!... ● Or… Let’s just go Neanderthal on the login form, use a dictionary attack and hope we...
- 20. Backdooring WordPress 101 Now what?...
- 21. Explorer What we got: ● Web Shell on the Wordpress instance. ● MySQL Credentials. What can we do?? ● What other services is the server running? ● Are the MySQL credentials reused and work on more services?
- 22. Thinking outside the box
- 23. Climbing to the Moon What we got: ● SSH access to the box. ● Low privilege non root shell. What can we do?? ● Google for Privilege Escalation Techniques and Tools and not just Exploits. ● Enumerate ALL the things.
- 24. Old School EoP - SETUID Files
- 25. Old School EoP