This document discusses IzPack, an open source installer toolkit for Java applications. It provides an outline and overview of IzPack features such as cross-platform compatibility, a declarative XML-based descriptor format, compiler to build installers from descriptors, customizable GUI panels, and conditions and variables. The document demonstrates how to build an installer for GlassFish and highlights IzPack's history and community.
This talk covers a basic methodology for finding and fixing problems in a live system. It covers general techniques for finding the source of issues quickly, workarounds, patching, digging into code, when and how to get help.
Visual studio is the one shop stop for most .NET developers; it’s a shame since there are other powerful tools out there.
WinDbg is such a tool – it can help analyze and solve bugs, memory issues, deadlocks and is crucial to solving bugs that are found on the client machines.
The problem is that WinDbg is not as friendly as Visual Studio (to say the least) – or is it?
In this talk I’ll show how a .NET developer can use WinDbg to crash bugs.
(Presentation at HITcon 2011) This talk introduces how to do Android application reverse engineering by real example. And, it covers the advanced topics like optimized DEX and JNI.
PuppetConf 2016: Puppet on Windows – Nicolas Corrarello, PuppetPuppet
Here are the slides from Nicolas Corrarello's PuppetConf 2016 presentation called Puppet on Windows. Watch the videos at https://www.youtube.com/playlist?list=PLV86BgbREluVjwwt-9UL8u2Uy8xnzpIqa
One Step Ahead of Cheaters -- Instrumenting Android EmulatorsPriyanka Aash
"Commercial Android emulators such as NOX, BlueStacks and Leidian are very popular at the moment and most games can run on these emulators fast and soundly. The bad news for game vendors is that these emulators are usually shipped with root permission in the first place. On the other hand, cheating tools developers are happy because they can easily distribute their tools to abusers without requiring the abusers to have a physical rooted device, nor do they need to perform laborious tuning for different Android OS / firmware version. However, luckily for game vendors, commercial Android emulators usually use an x86/ARM mixed-mode emulation for speed-up. As a result, a standard native hooking/DBI framework won't work on this kind of platform. This drawback could discourage the cheating developers.
In this talk, I will introduce a native hooking framework on such a kind of mixed-mode emulators. The talk will include the process start routine of both command-line applications and Android JNI applications as well as how these routines differ on an emulator. The different emulation strategies adopted by different emulators and runtime environments (Dalvik/ART) will also be discussed. Based on these knowledge, I will explain why the existing hooking/DBI frameworks do not work on these emulators and how to make one that works.
Lastly, I will present a demo of using this hooking framework to cheat a game on emulator. With this demo, I will discuss how the dark market of mobile game cheating may develop in the foreseeable future."
This talk covers a basic methodology for finding and fixing problems in a live system. It covers general techniques for finding the source of issues quickly, workarounds, patching, digging into code, when and how to get help.
Visual studio is the one shop stop for most .NET developers; it’s a shame since there are other powerful tools out there.
WinDbg is such a tool – it can help analyze and solve bugs, memory issues, deadlocks and is crucial to solving bugs that are found on the client machines.
The problem is that WinDbg is not as friendly as Visual Studio (to say the least) – or is it?
In this talk I’ll show how a .NET developer can use WinDbg to crash bugs.
(Presentation at HITcon 2011) This talk introduces how to do Android application reverse engineering by real example. And, it covers the advanced topics like optimized DEX and JNI.
PuppetConf 2016: Puppet on Windows – Nicolas Corrarello, PuppetPuppet
Here are the slides from Nicolas Corrarello's PuppetConf 2016 presentation called Puppet on Windows. Watch the videos at https://www.youtube.com/playlist?list=PLV86BgbREluVjwwt-9UL8u2Uy8xnzpIqa
One Step Ahead of Cheaters -- Instrumenting Android EmulatorsPriyanka Aash
"Commercial Android emulators such as NOX, BlueStacks and Leidian are very popular at the moment and most games can run on these emulators fast and soundly. The bad news for game vendors is that these emulators are usually shipped with root permission in the first place. On the other hand, cheating tools developers are happy because they can easily distribute their tools to abusers without requiring the abusers to have a physical rooted device, nor do they need to perform laborious tuning for different Android OS / firmware version. However, luckily for game vendors, commercial Android emulators usually use an x86/ARM mixed-mode emulation for speed-up. As a result, a standard native hooking/DBI framework won't work on this kind of platform. This drawback could discourage the cheating developers.
In this talk, I will introduce a native hooking framework on such a kind of mixed-mode emulators. The talk will include the process start routine of both command-line applications and Android JNI applications as well as how these routines differ on an emulator. The different emulation strategies adopted by different emulators and runtime environments (Dalvik/ART) will also be discussed. Based on these knowledge, I will explain why the existing hooking/DBI frameworks do not work on these emulators and how to make one that works.
Lastly, I will present a demo of using this hooking framework to cheat a game on emulator. With this demo, I will discuss how the dark market of mobile game cheating may develop in the foreseeable future."
Puppet Camp LA 2015 talk covering: packages, package managers, puppet, and tips, tricks, and puppet modules for setting up secure package repositories.
Writing malware while the blue team is staring at youRob Fuller
Talk given at DerbyCon 2016 and RuxCon 2016
Malware authors and reverse engineers have been playing cat and mouse for a number of years now when it comes to writing and reversing of malware. From nation state level malware to the mass malware that infects grandmas and grandpas, mothers and fathers, the different types of malware employ a myriad of techniques to stop those who look at it from guessing the true intent. This talk will be about some of the unorthodox methods employed by some malware to stay hidden from, or out right ignore the reverse engineering community.
O porque das minhas aplicações funcionarem... E o que acontece com os recurso...Comunidade NetPonto
Algum de vocês já pensou no que se transforma o código que fazemos? E qual a diferença entre C# e VB? Onde colocamos as nossas dll's, como devemos pensar nas versões e o que é isso do strong name? Se estiverem duas dll's de versões diferentes qual utilizar e como se altera sem recompilar a aplicação? E ainda, como não permitir que essa alteração aconteça? E o que acontece com os recursos que o meu código utiliza e quais são as boas práticas para que tudo funcione bem?
Esta sessão vai nos responder a todas estas perguntas, numa apresentação sobre sobre Global Assembly Cache (GAC), Intermediate Language (IL) e Garbage Collection (GC), alertando para os detalhes que podem fazer a diferença entre uma aplicação que tem que ser reiniciada todos os dias e uma que fica ligada durante anos.
Android applications are an interesting target for
reverse engineering. They are written in Java, which is tradi-
tionally good to decompile and are executed by Google’s custom
Java virtual machine, making them interesting to study. In this
paper we present the basic methods and approaches as well as
the necessary tools to reverse engineer Android applications. We
discuss how to change Android applications and show alternative
approaches including man-in-the-middle attacks and automation.
An introduction to Zend Framework 1.8 using Zend_Tool, Zend_Application, a simple DAO and a very simple model that uses that DAO.
In the end you have a fully working application
slides of a presentation about cross-platform mobile app development I gave at MobileTechCon 2010 in Mainz (Germany).
Links and additional information on the related blog post at http://HeikoBehrens.net/2010/10/11/cross-platform-app-development-for-iphone-android-co-—-a-comparison-i-presented-at-mobiletechcon-2010/
Debugging PHP with xDebug inside of Eclipse PDT 2.1Bastian Feder
Integrated development plattforms (IDEs) like Eclipse or Netbeans do get more popular these days.
One cause might be the beautiful benefits a developer gains from using an IDE like a type history or a code completion.
This talk shall enable the attendee to get knowleadge about the possibilites of Eclipse PDT to use xDebug as internal debugger
It shows howto install xDebug and give a deep introduction about how to enable Eclipse PDT version 2 to communicate with xDebug.
Another topic of this talk would be the different debugging mechanism Eclipse PDT provides and how they work.
digitalSTROM Developer Day 2011: Wie Heimelektronik und digitalSTROM zusammen...digitalSTROM.org
Manfred Stock, Entwickler bei der Winterthurer Softwareschmiede futureLAB, besprach die Verbindung von etablierter Heimelektronik mit digitalSTROM am Beispiel des Squeezebox Servers von Logitech, der Musik in mehreren Räumen abspielt. Vorausgesetzt die Hard- oder Software bietet eine offene Schnittstelle kann diese via JSON-Schnittstelle mit dem dSS kommunizieren und eine digitalSTROM-Wohnung steuern. Stock programmierte dazu ein Plugin in Perl, das sich in den Squeezebox Server integriert. So wird die Fernbedienung des Soundsystems zum Eingabegerät für digitalSTROM.
Mehr unter: www.digitalstrom.org
You can now use PVS-Studio with Visual Studio absent; just give it the prepro...Andrey Karpov
The new version of the static code analyzer PVS-Studio 5.10 comes with a small utility PVS-Studio Standalone which you may even miss at first. I'd say that's one small step for mankind but one big leap for PVS-Studio :) You can use the current version of this utility in two (for now) ways:
1. View analysis results (the .plog file) saved on another computer without running the Visual Studio IDE.
2. Analyze preprocessed files (generated by any preprocessor beforehand) without a preprocessor and project files or makefiles.
These slides were used during the Glassfish Lightning Talks sessions as part of the CommunityOne 2008 Conference organized by Sun Microsystems (part of the larger JavaOne Conference).
Puppet Camp LA 2015 talk covering: packages, package managers, puppet, and tips, tricks, and puppet modules for setting up secure package repositories.
Writing malware while the blue team is staring at youRob Fuller
Talk given at DerbyCon 2016 and RuxCon 2016
Malware authors and reverse engineers have been playing cat and mouse for a number of years now when it comes to writing and reversing of malware. From nation state level malware to the mass malware that infects grandmas and grandpas, mothers and fathers, the different types of malware employ a myriad of techniques to stop those who look at it from guessing the true intent. This talk will be about some of the unorthodox methods employed by some malware to stay hidden from, or out right ignore the reverse engineering community.
O porque das minhas aplicações funcionarem... E o que acontece com os recurso...Comunidade NetPonto
Algum de vocês já pensou no que se transforma o código que fazemos? E qual a diferença entre C# e VB? Onde colocamos as nossas dll's, como devemos pensar nas versões e o que é isso do strong name? Se estiverem duas dll's de versões diferentes qual utilizar e como se altera sem recompilar a aplicação? E ainda, como não permitir que essa alteração aconteça? E o que acontece com os recursos que o meu código utiliza e quais são as boas práticas para que tudo funcione bem?
Esta sessão vai nos responder a todas estas perguntas, numa apresentação sobre sobre Global Assembly Cache (GAC), Intermediate Language (IL) e Garbage Collection (GC), alertando para os detalhes que podem fazer a diferença entre uma aplicação que tem que ser reiniciada todos os dias e uma que fica ligada durante anos.
Android applications are an interesting target for
reverse engineering. They are written in Java, which is tradi-
tionally good to decompile and are executed by Google’s custom
Java virtual machine, making them interesting to study. In this
paper we present the basic methods and approaches as well as
the necessary tools to reverse engineer Android applications. We
discuss how to change Android applications and show alternative
approaches including man-in-the-middle attacks and automation.
An introduction to Zend Framework 1.8 using Zend_Tool, Zend_Application, a simple DAO and a very simple model that uses that DAO.
In the end you have a fully working application
slides of a presentation about cross-platform mobile app development I gave at MobileTechCon 2010 in Mainz (Germany).
Links and additional information on the related blog post at http://HeikoBehrens.net/2010/10/11/cross-platform-app-development-for-iphone-android-co-—-a-comparison-i-presented-at-mobiletechcon-2010/
Debugging PHP with xDebug inside of Eclipse PDT 2.1Bastian Feder
Integrated development plattforms (IDEs) like Eclipse or Netbeans do get more popular these days.
One cause might be the beautiful benefits a developer gains from using an IDE like a type history or a code completion.
This talk shall enable the attendee to get knowleadge about the possibilites of Eclipse PDT to use xDebug as internal debugger
It shows howto install xDebug and give a deep introduction about how to enable Eclipse PDT version 2 to communicate with xDebug.
Another topic of this talk would be the different debugging mechanism Eclipse PDT provides and how they work.
digitalSTROM Developer Day 2011: Wie Heimelektronik und digitalSTROM zusammen...digitalSTROM.org
Manfred Stock, Entwickler bei der Winterthurer Softwareschmiede futureLAB, besprach die Verbindung von etablierter Heimelektronik mit digitalSTROM am Beispiel des Squeezebox Servers von Logitech, der Musik in mehreren Räumen abspielt. Vorausgesetzt die Hard- oder Software bietet eine offene Schnittstelle kann diese via JSON-Schnittstelle mit dem dSS kommunizieren und eine digitalSTROM-Wohnung steuern. Stock programmierte dazu ein Plugin in Perl, das sich in den Squeezebox Server integriert. So wird die Fernbedienung des Soundsystems zum Eingabegerät für digitalSTROM.
Mehr unter: www.digitalstrom.org
You can now use PVS-Studio with Visual Studio absent; just give it the prepro...Andrey Karpov
The new version of the static code analyzer PVS-Studio 5.10 comes with a small utility PVS-Studio Standalone which you may even miss at first. I'd say that's one small step for mankind but one big leap for PVS-Studio :) You can use the current version of this utility in two (for now) ways:
1. View analysis results (the .plog file) saved on another computer without running the Visual Studio IDE.
2. Analyze preprocessed files (generated by any preprocessor beforehand) without a preprocessor and project files or makefiles.
These slides were used during the Glassfish Lightning Talks sessions as part of the CommunityOne 2008 Conference organized by Sun Microsystems (part of the larger JavaOne Conference).
Pack is a one-stop solution for packaging, distributing and deploying applications. It is able to generate cross platform, Java-based installers that both encompass and embrace the target operating systems heterogeneity (Windows, Mac OS X, Linux, *BSD, Solaris). IzPack is by no mean rigid and lets you compose your installers the way you want through a wide range of existing features and extension points.
This talk will outline: the IzPack features, its use-cases and positioning against other deployment solutions, the history of the project, from a fun hack made in a student dorm-room to an industry-backed international project thoughts on building a project community, licensing matters, sustaining/scaling a project in the long term and business-model considerations.
Given at TechMaine's Java Users Group on Feb 26 2008
Why do we need another build tool when we already have Ant? By focusing on convention over configuration, Maven allows you to declaratively define how your project is built, which reduces a lot of the procedural code that you'd need to implement in every build file if you were using Ant. This, along with Maven's built-in management of repositories for project dependencies, allows you to streamline your build process. Ultimately Maven can reduce the amount of time that would otherwise be wasted hunting down jar files and fiddling with boilerplate build scripts.
This presentation covers Maven's core concepts. It introduces the Plugin architecture, and explain how the most popular plugins are used. It also covers the POM concept and how it relates to dependency tracking and repositories.
The author is managing editor of http://scalacourses.com, which offers self-paced online courses that teach Introductory and Intermediate Scala and Play Framework.
In recent years there has been a tremendous amount of progress and innovation around tools and applications available to web developers that improve the quality, efficiency and speed of our applications, and it is hard to keep up with all of it.
This topic introduces tools to automate the development and deployment workflow of a WordPress web application.
I am showing the main benefits of such a workflow and how it allows making the installation and update of the project fully automatic, predictable, versioned, and ready to be integrated into a continuous deployment system. Tools like Docker and WP-CLI, will be introduced to implement that process along with a simple tool that I have developed to automatically deploy the basic data that a project needs to be up and running.
My mantra? No manual clicks whatsoever in the web interface for configuring WordPress!
This talk will try to cover the most important techniques and best practices used when creating Django web application.
Overview of the topics covered:
- development general principles and goals
- python/django project initial setup - project layout, git&venv&pip&shell, settings
- central project shell command - contains all commands to manage project
- "IDE" - editor & shell
- edit/run/test cycle
- deploy/test-remotely cycle
Disclaimer: techniques and practices presented are current AUTHOR'S optimal choice used for usual django project.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
35. v3.0.0
v2.0 Win32 shortcuts
(rewrite) UserInputPanel
2001
03 08 11 08
2002
v1.0 v2.10.0
CVS @TuxFamily
Fast development
Steady growth, people keep on joining
36. X11
v3.0.0 shortcuts
v2.0 Win32 shortcuts CommunityOne
(rewrite) UserInputPanel GPL JavaOne
2001 2004 2008
03 08 11 08 02 01 05 04 05 10
2002 2005
v1.0 v2.10.0 Move to Move to v4.1.0
CVS @TuxFamily BerliOS Codehaus
Fast development
Steady growth, people keep on joining
37. You decide
to use it for
X11 your next projects
v3.0.0 shortcuts
v2.0 Win32 shortcuts CommunityOne
(rewrite) UserInputPanel GPL JavaOne
2001 2004 2008
03 08 11 08 02 01 05 04 05 10
2002 2005
v1.0 v2.10.0 Move to Move to v4.1.0
CVS @TuxFamily BerliOS Codehaus
Fast development
Steady growth, people keep on joining