The document discusses Spring configuration and Java-based configuration. It covers topics like using @Configuration classes to define beans, @ComponentScan to find beans, @Bean to define beans, and using Java configuration as an alternative to XML configuration in Spring. It also provides examples of configuring ViewResolvers, controllers and enabling Spring MVC features with annotations like @EnableWebMvc.
2019/10/16
初心者向けCTFのWeb分野の強化法
CTFのweb分野を勉強しているものの本番でなかなか解けないと悩んでいないでしょうか?そんな悩みを持った方を対象に、私の経験からweb分野の強化法を解説します。
How to strengthen the CTF Web field for beginners !!
Although you are studying the CTF web field, are you worried that you can't solve it in production?
For those who have such problems, I will explain how to strengthen the web field based on my experience.
(study group) https://yahoo-osaka.connpass.com/event/149524/
The document discusses Spring configuration and Java-based configuration. It covers topics like using @Configuration classes to define beans, @ComponentScan to find beans, @Bean to define beans, and using Java configuration as an alternative to XML configuration in Spring. It also provides examples of configuring ViewResolvers, controllers and enabling Spring MVC features with annotations like @EnableWebMvc.
2019/10/16
初心者向けCTFのWeb分野の強化法
CTFのweb分野を勉強しているものの本番でなかなか解けないと悩んでいないでしょうか?そんな悩みを持った方を対象に、私の経験からweb分野の強化法を解説します。
How to strengthen the CTF Web field for beginners !!
Although you are studying the CTF web field, are you worried that you can't solve it in production?
For those who have such problems, I will explain how to strengthen the web field based on my experience.
(study group) https://yahoo-osaka.connpass.com/event/149524/
The Amazing Toolman - Mastering the tools and propose a hackable "Swiss Army ...SYUE-SIANG SU
The web technology has evolved from being a collection of simple and static pages to fully dynamic applications, and applications are getting more complex than they used to be. Besides, most big firms, such as Google, Facebook, etc, are still suffering from lots of attacks regarding web technology. Therefore, web security has increased in importance in this age.
Imagine being a well-trained expert in Web Security, there are still lots of dirty works have to be done manually when you are penetrating a website, something like finding potential entry points or probing possible attack vectors. Thus, an experienced export will then take advantage of some handy tools in order to deal with these works.
Many tools are out there, however, are actually doing the same thing, or even just a clone of another project, but with a little modification. Hence, we have to wisely choose those best tools out of them. In addition, we have no way using these tools comfortably at once. We often have to open these tools everywhere in every corner and toggle them respectively.
In this slide, I will introduce some handy tools, and then propose a hackable "Swiss Army Knife" security framework for the 21st century. This framework can be used in conjunction with existing tools like Burp, Docker, etc, and also a plenty of web extensions you often used on Chrome and Firefox. In addition, we can control and manage the WebExtension APIs as well, and therefore we can catch the snitch inside web extensions more easily.