The document discusses SPARC, an open instruction set architecture developed by Sun Microsystems. It provides an overview of SPARC features such as the 32-bit and 64-bit versions, 128 general purpose registers, and floating-point unit capabilities. It also describes the register window mechanism and how it is used in a "Hello World" program example.
Depuis FreeBSD 8.0, le SSP est activé automatique pour la compilation de l'OS. Cette option de GCC développée au départ par IBM, permet d'ajouter des mécanismes de protection face aux buffer overflows. La présentation sera accompagnée de sources C et d'étude de la mémoire via GDB. La présentation commencera par le fonctionnement du SSP (via 3 aspects), suivi de l'implémentation sous FreeBSD et son Linux pour finir par l'exploitation dans certains cas de figure.
Depuis FreeBSD 8.0, le SSP est activé automatique pour la compilation de l'OS. Cette option de GCC développée au départ par IBM, permet d'ajouter des mécanismes de protection face aux buffer overflows. La présentation sera accompagnée de sources C et d'étude de la mémoire via GDB. La présentation commencera par le fonctionnement du SSP (via 3 aspects), suivi de l'implémentation sous FreeBSD et son Linux pour finir par l'exploitation dans certains cas de figure.
A 2015 presentation to introduce users to Java profiling. The Yourkit Profiler is used for concrete examples. The following topics are covered:
1) When to profile
2) Profiler sampling
3) Profiler instrumentation
4) Where to Start
5) Macro vs micro benchmarking
php[world] 2016 - You Don’t Need Node.js - Async Programming in PHPAdam Englander
Asynchronous frameworks allow developers to build stateful protocols and Internet of Things applications without threading and forking. Python, Ruby, and Node.js have had asynchronous frameworks for over ten years. PHP is now starting to catch up with Icicle.io. Learn the basics concepts of event based programming, and how the event loop allows a single thread to process all the requests for your application.
Cisco network equipment has always been an attractive attack target due to its prevalence and the key role that it plays in network structure and security.
This equipment is based on a wide variety of OS (firmware) architectures, types, and versions, so it is much harder to develop a universal shellcode. Publicly available Cisco IOS shellcodes are tailored to specific equipment, have narrow functionality, and are not exactly useful for penetration testing.
This talk is the presentation of a research initiated by our research center to create a shellcode which is as easily portable between different IOS firmwares as possible and which provides a lot of pentesting features because it can dynamically change the shellcode destination at the stage of post-exploitation.
We will also consider the possibility of creating a worm which could spread across the infrastructure, from firewall to router, from router to switch, etc.
A 2015 presentation to introduce users to Java profiling. The Yourkit Profiler is used for concrete examples. The following topics are covered:
1) When to profile
2) Profiler sampling
3) Profiler instrumentation
4) Where to Start
5) Macro vs micro benchmarking
php[world] 2016 - You Don’t Need Node.js - Async Programming in PHPAdam Englander
Asynchronous frameworks allow developers to build stateful protocols and Internet of Things applications without threading and forking. Python, Ruby, and Node.js have had asynchronous frameworks for over ten years. PHP is now starting to catch up with Icicle.io. Learn the basics concepts of event based programming, and how the event loop allows a single thread to process all the requests for your application.
Cisco network equipment has always been an attractive attack target due to its prevalence and the key role that it plays in network structure and security.
This equipment is based on a wide variety of OS (firmware) architectures, types, and versions, so it is much harder to develop a universal shellcode. Publicly available Cisco IOS shellcodes are tailored to specific equipment, have narrow functionality, and are not exactly useful for penetration testing.
This talk is the presentation of a research initiated by our research center to create a shellcode which is as easily portable between different IOS firmwares as possible and which provides a lot of pentesting features because it can dynamically change the shellcode destination at the stage of post-exploitation.
We will also consider the possibility of creating a worm which could spread across the infrastructure, from firewall to router, from router to switch, etc.
Copyright (c) 2005, 2006, 2007 Leonardo Caballero.
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.2 or
any later version published by the Free Software Foundation; with no
Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A
copy of the license is included in the section entitled “GNU Free
Documentation License”.
Articulo de ¿Que es Hardware Abierto?, la cual toca los siguientes
temas: Problemática actual, Historia, Lee Felsenstein y el Homebrew
Computer Club, FPGAs y Open Design Circuits. Definición y Filosofía
según su filosofía, Open Hardware, Open source hardware, Free
hardware design, Libre hardware design, Free hardware. Además trata
sobre el Licenciamiento, Comercialización, Modelos de intercambio,
Proyectos, Comunidades de Hardware Abierto, Ventajas y Desventajas,
Situación actual en Venezuela, Conclusiones, Glosario, Referencia.
Licencia: FDL Free Document License.
Formato: OpenOffice.org 2.0 Impress, Writer y PDF.
Duración: 1 hora, más 15 minutos de preguntas.
Dictada en: II CNSL-Mérida, II CNSL-Portuguesa, IV FMCL.
Ultima actualización: 10/04/2007.
Lugar: Mérida, Estado Mérida, Venezuela.
Autor: T.S.U. Leonardo Caballero.
Email: lcaballero at linuxmail.org, leonardocaballero at gmail.com.
Domicilo Web: http://lcaballero.8k.com/
Descarga los archivos PDF y editables: https://finde.gob.ve/frs/?group_id=56&release_id=70
Zend con 2016 - Asynchronous Prorgamming in PHPAdam Englander
Asynchronous frameworks allow developers to build stateful protocol and Internet of Things applications without threading and forking. Python, Ruby, and Node.js have had asynchronous frameworks for over ten years. PHP is now starting to catch up with Icicle.io. Learn the basic concepts of event-based programming and how the event loop allows a single thread to process all the requests for an application.
Bla-blah-blah SAP. Bla-blah-blah big companies. Bla-blah-blah hack multi-million dollar systems. This is how typical SAP Talks are started. But not this time. We are really missing hardcore exploitation stuff and unusual vulnerabilities, no matter where they are. Now it's time for real HARDCORE!
In our presentation, we will tell (and show) how by using a chain of minor vulnerabilities in different SAP services we can take complete control of an affected system. Have you ever heard that a denial of service vulnerability can be used for remote command execution? No, we are not talking about memory corruption. It's about how unexploitablea denial of service vulnerabilities can be exploited together with some minor issues to attack system in a way which you have never imagined.
You'll see the way from Anonymous to SAP_ALL, enjoy!
Software Vulnerabilities in C and C++ (CppCon 2018)Patricia Aas
What does a vulnerability using signed integer overflow look like? Or a stack buffer overflow? How does code like this look and how can we change the way we program to reduce our risk? The first half of this talk will show examples of many different vulnerabilities and describe how these are combined to make the first steps of an exploit. Then we will discuss what kind of programming practices we can employ to reduce the chances of these kinds of bugs creeping into our code.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
6. Hello, world !
.text
.align 4
.global start
start:
mov 0,%o0 ! stdout
set string,%o1 ! address of string
mov 14,%o2 ! number of bytes in string
mov 4,%g1 ! write(2) system call - write(0, string, 14);
ta 0 ! get the kernel to do syscall #4
Register layout for a NetBSD/SunOS system call:
mov 0,%o0 ! exit code 0
%g1 - syscall number
(See /usr/include/sys/syscall.h)
mov 1,%g1 ! _exit(2) system call - exit(0);
%o0 - 1st argument
ta 0 ! get the kernel to do syscall #1
%o1 - 2nd argument (if there that syscall takes a
.align 4 2nd arg)
%o2 - 3rd argument (if there that syscall takes a
string:
3rd arg)
.ascii quot;Hello, World!nquot;
8. VHDL & Verilog
VHDL (Very high speed integrated circuits
Hardware Description Language) — язык
описания аппаратуры высокоскоростных
интегральных схем. (является базовым
языком при разработке аппаратуры
современных вычислительных систем)
Verilog - это язык Verilog: Hello World
описания аппаратуры, module main;
используемый для initial
begin
описания и $display(quot;Hello world!quot;);
$finish;
моделирования end
электронных систем. endmodule
12. SPARC v9 соответствие
Уровень 1 (*)
Реализация корректно интерпретирует все
непривилегированные инструкции (включая прямое
исполнение, имитацию или эмуляцию). Этот уровень
корректно работает с приложениями пользователя и
входит в архитектуру SPARC-V9 ABI
Уровень 2
Реализация корректно интерпретирует все
привилегированные и непривилегированные
инструкции, а так же включает в себя всё
необходимое аппаратное, програмное обеспечение и
програмно-аппаратные средства(firmware) для полной
и корректной реализации.
16. US IMPROV EVANGELIZ
E E E
Спасибо!
Александр Трубин
Sun Campus Ambassador, УрГУ
Alexander.Trubin@sun.com
http://blogs.sun.com/atr
“open” artwork and icons by chandan:
http://blogs.sun.com/chandan