A talk i had about the solid principles at AngularJS-IL meetup #15. AngularJS is a great framework, it give you the tools you need to build robust single page web applications. Nut a good design and architecture are framework agnostic. By applying some well known object oriented principles to our angular application we can achieve more clean and modular code base.
- About Web Objects
- How are they insecure
- Where do they reside in OWASP Top 10
- Access Control issues
- Compliant and non-compliant codes
- Test cases
- About Web Objects
- How are they insecure
- Where do they reside in OWASP Top 10
- Access Control issues
- Compliant and non-compliant codes
- Test cases
Slides from my latest talk (and videos) about Angular dependency
injection, You can find related videos here: https://www.youtube.com/playlist?list=PLfZsWIHsTcftJl7WlidsXSBAHBXQBR4j2
Cross site scripting (XSS) is a type of computer security vulnerability typically found in web applications, but in proposing defensive measures for cross site scripting the websites validate the user input and determine if they are vulnerable to cross site scripting. The major considerations are input validation and output sanitization.
There are lots of defense techniques introduced nowadays and even though the coding methods used by developers are evolving to counter attack cross site scripting techniques, still the security threat persist in many web applications for the following reasons:
• The complexity of implementing the codes or methods.
• Non-existence of input data validation and output sanitization in all input fields of the application.
• Lack of knowledge in identifying hidden XSS issues etc.
This proposed project report will briefly discuss what cross site scripting is and highlight the security features and defense techniques that can help against this widely versatile attack.
"15 Technique to Exploit File Upload Pages", Ebrahim HegazyHackIT Ukraine
During the session we will go through different methods of exploiting file upload pages in order to trigger Remote Code Execution, SQL Injection, Directory Traversal, DOS, Cross Site Scripting and else of web application vulnerabilities with demo codes. Also, we will see things from both Developers and Attackers side. What are the protections done by Developers to mitigate file upload issues by validating File Name, File Content-Type, actual File Content and how to bypass it All using 15 Technique!
Garage4Hackers Ranchoddas Webcast Series - Bypassing Modern WAF's Exemplified...Garage4hackers.com
Presentation slides of Garage4Hackers Ranchoddas Webcast Series - Bypassing Modern WAF's Exemplified At XSS by Rafay Baloch. Ask all your question's related to the webcast here http://goo.gl/Vv10hJ. Don't forget to leave you feedback here https://goo.gl/YrBeic.
Companion slides for Stormpath CTO and Co-Founder Les REST API Security Webinar. This presentation covers all the RESTful best practices learned building the Stormpath APIs. This webinar is full of best practices learned building the Stormpath API and supporting authentication for thousands of projects. Topics Include:
- HTTP Authentication
- Choosing a Security Protocol
- Generating & Managing API Keys
- Authorization & Scopes
- Token Authentication with JSON Web Tokens (JWTs)
- Much more...
Stormpath is a User Management API that reduces development time with instant-on, scalable user infrastructure. Stormpath's intuitive API and expert support make it easy for developers to authenticate, manage and secure users and roles in any application.
Creating Element,Element Entry,Validation with Input Parameters,Input Parameters,Error in Input Parameter,Assign the Element,Fast Formula,Input parameter with Fast Formula,Validation Rules,oracle HRMS, ora17hr, oraclehrms,oraclepayroll,elements
Cyber attacks are a real and growing threat to businesses and an increasing number of attacks take place at application layer. The best defence against is to develop applications where security is incorporated as part of the software development lifecycle.
The OWASP Top 10 Proactive Controls project is designed to integrate security in the software development lifecycle. In this special presentation for PHPNW, based on v2.0 released this year, you will learn how to incorporate security into your software projects.
Recommended to all developers who want to learn the security techniques that can help them build more secure applications.
I did this presentation for one of my java user groups at work.
Basically, this is a mashed up version of various presentations, slides and images that I gathered over the internet.
I've quoted the sources in the end. Feel free to reuse it as you like.
How Angular2 Can Improve Your AngularJS Apps Today!Nir Kaufman
Are you ready to migrate your Angular1 project to Angular2? through this slides you will discover some tips that can make your current application better and ready for future migration. A link for reference project can be found inside.
Slides from my latest talk (and videos) about Angular dependency
injection, You can find related videos here: https://www.youtube.com/playlist?list=PLfZsWIHsTcftJl7WlidsXSBAHBXQBR4j2
Cross site scripting (XSS) is a type of computer security vulnerability typically found in web applications, but in proposing defensive measures for cross site scripting the websites validate the user input and determine if they are vulnerable to cross site scripting. The major considerations are input validation and output sanitization.
There are lots of defense techniques introduced nowadays and even though the coding methods used by developers are evolving to counter attack cross site scripting techniques, still the security threat persist in many web applications for the following reasons:
• The complexity of implementing the codes or methods.
• Non-existence of input data validation and output sanitization in all input fields of the application.
• Lack of knowledge in identifying hidden XSS issues etc.
This proposed project report will briefly discuss what cross site scripting is and highlight the security features and defense techniques that can help against this widely versatile attack.
"15 Technique to Exploit File Upload Pages", Ebrahim HegazyHackIT Ukraine
During the session we will go through different methods of exploiting file upload pages in order to trigger Remote Code Execution, SQL Injection, Directory Traversal, DOS, Cross Site Scripting and else of web application vulnerabilities with demo codes. Also, we will see things from both Developers and Attackers side. What are the protections done by Developers to mitigate file upload issues by validating File Name, File Content-Type, actual File Content and how to bypass it All using 15 Technique!
Garage4Hackers Ranchoddas Webcast Series - Bypassing Modern WAF's Exemplified...Garage4hackers.com
Presentation slides of Garage4Hackers Ranchoddas Webcast Series - Bypassing Modern WAF's Exemplified At XSS by Rafay Baloch. Ask all your question's related to the webcast here http://goo.gl/Vv10hJ. Don't forget to leave you feedback here https://goo.gl/YrBeic.
Companion slides for Stormpath CTO and Co-Founder Les REST API Security Webinar. This presentation covers all the RESTful best practices learned building the Stormpath APIs. This webinar is full of best practices learned building the Stormpath API and supporting authentication for thousands of projects. Topics Include:
- HTTP Authentication
- Choosing a Security Protocol
- Generating & Managing API Keys
- Authorization & Scopes
- Token Authentication with JSON Web Tokens (JWTs)
- Much more...
Stormpath is a User Management API that reduces development time with instant-on, scalable user infrastructure. Stormpath's intuitive API and expert support make it easy for developers to authenticate, manage and secure users and roles in any application.
Creating Element,Element Entry,Validation with Input Parameters,Input Parameters,Error in Input Parameter,Assign the Element,Fast Formula,Input parameter with Fast Formula,Validation Rules,oracle HRMS, ora17hr, oraclehrms,oraclepayroll,elements
Cyber attacks are a real and growing threat to businesses and an increasing number of attacks take place at application layer. The best defence against is to develop applications where security is incorporated as part of the software development lifecycle.
The OWASP Top 10 Proactive Controls project is designed to integrate security in the software development lifecycle. In this special presentation for PHPNW, based on v2.0 released this year, you will learn how to incorporate security into your software projects.
Recommended to all developers who want to learn the security techniques that can help them build more secure applications.
I did this presentation for one of my java user groups at work.
Basically, this is a mashed up version of various presentations, slides and images that I gathered over the internet.
I've quoted the sources in the end. Feel free to reuse it as you like.
How Angular2 Can Improve Your AngularJS Apps Today!Nir Kaufman
Are you ready to migrate your Angular1 project to Angular2? through this slides you will discover some tips that can make your current application better and ready for future migration. A link for reference project can be found inside.
Finally, in javaScript 2015 we get 2 new built-in data structures that makes our life a little bit easier. On this lecture, we will explore various implementations of common data structures in javaScript using Arrays, Objects and the new members in javaScript 2015: Maps and Sets.
Redux is an architectural pattern inspired by concepts from stateless web architecture patterns and functional programing paradigms. It introduces a unidirectional data-flow and a predictable state container that scales. It's a popular mind-blowing alternative to the popular MVC pattern, and solves a lot of issues in an elegant and clean way.
While Redux is view agnostic and can be used with any view library, we will build our presentation layer with Angular2.
This is the companion slides for the Front-End.IL meetup talk that took place on May 12 2015 @ Google campus TLV.
Learn how to set up an ES6 development environment with minimal effort, using modern tools like JSPM and webpack.
Grab the code here:
https://github.com/nirkaufman/es6-up-and-running
Slides for the Angular After Hours meetup group: https://www.meetup.com/Angular-AfterHours/events/232687733/
This session is all about pipes: what they are and how to build our own. By the end of this workshop we will build an open source library of angular pipes! Don't forget to checkout the Angular After Hours repository on github: https://github.com/Angular-AfterHours/pipes
Slides for the 2016 Redux & Angular workshop. Redux is a popular library for state management. This workshop is about understanding how to use Redux and how to integrate it wit Angular 2
A presentation made for the AngularJS-IL meetup group that took place in May 2014 at Google TLV Campus. its a demonstration of Unit testing an AngularJS component with jasmine and karma.
Slides for my talk about webstorm that took place at AngularIL meetup. This talk was about practical tips and tricks to get the most out of WebStorm IDE.
A presentation made for the AngularJS-IL meetup group that took place in jan 2014 at Google TLV Campus.
its a demonstration of how to integrate requireJS with AngularJS to achieve lazy loading and registration of angular components after bootstrap.
this slideshow contain a link for a working demo
AngularJS is an open-source JavaScript framework from Google that makes developing rich web applications much easier. Slides used in the fisrt AngularJS Zürich Meetup.
Code can be found at https://github.com/carlos-/ajs-intro
Presentation made for the #11 AngularJS-IL meetup group.
(http://www.meetup.com/AngularJS-IL/events/222633741/)
How you can use webpack to leverage modularity in you AngularJS projects.
This slides comes with an example code that you can grab here:
https://github.com/nirkaufman/angular-snake
A presentation made for the AngularJS-IL meetup group that took place in oct 2014 at Google TLV Campus (http://www.meetup.com/AngularJS-IL/events/207559572/)
its an overview of how to use services in your app. this slideshow contain a link for a reference code on github.
(link in the last slide)
Angular js - 10 reasons to choose angularjs Nir Kaufman
A presentation made for the AngularJS-ILl that took place in july 2014 at Google TLV Campus (http://www.meetup.com/AngularJS-IL/events/189970902/)
its an overview angularjs features from an architact perspective.
this slideshow contain a link for reference code.
Slides from the "Data flow architecture in angular2 with redux". Introduction to Redux, it's inspirations and implementation. Join the "AngularJS-IL" meetup group for more community events and workshops! (http://www.meetup.com/AngularJS-IL/events/229660127/)
A presentation made for the NG-CONF Israel that took place in jun 2014 at Google TLV Campus (http://ng-conf.gdg.co.il/)
its an overview of how to use ngRoute and UI-Router in your app this slideshow contain a link for a working demo
Presentation made for the NG-CONF Israel 2015
(http://ng-conf.co.il/)
Angular2 is just around the corner.. so, how can we prepare our angular 1.x code base to the migration?
An example project that come along with those slides available on Github (links inside)
28.03.15. Одесса. Impact Hub Odessa. Конференция JSLab.
Алексей Волков. "React на практике"
Доклад освещает практические аспекты использования React.js в различном окружении. React и модели Backbone. React и таблицы стилей, а также React в мобильном вебе. Будет полезно как и тем, кто только интересуется этой библиотекой, а также опытным разработчикам.
Подробнее:
http://geekslab.co/
https://www.facebook.com/GeeksLab.co
https://www.youtube.com/user/GeeksLabVideo
Building Reusable Custom Elements With AngularIlia Idakiev
What are Web Components and how we use them. What is Angular Elements and how can we package our angular components as custom elements and reuse them everywhere.
Demos: https://github.com/iliaidakiev/slides/
First Steps in Drupal Code Driven DevelopmentNuvole
"First Steps in Code Driven Development" covers basic techniques and good practices. Presented during the "Developer Session" at Krimson office, Antwerp (BE), the 27th of May 2010.
MVC Design Pattern in JavaScript by ADMEC Multimedia InstituteRavi Bhadauria
This presentation is one of the best presentations from our study material for our JavaScript Object Oriented workshops which ADMEC conducts every week at the
center.
Building an End-to-End AngularJS ApplicationDan Wahlin
This talk discusses how AngularJS can be used to build an end-to-end Customer Manager application. It covers structuring code and files, working with events, XHR interceptors, plus more.
Google App Engine in 40 minutes (the absolute essentials)Python Ireland
This talk covers just the stuff needed to get you up-to-speed with Google App Engine and its associated technologies (based on the Python run-time, of course). In addition to a bit of talking, Paul will also demo a working webapp built and deployed on the App Engine cloud... all in 40 minutes.
Presentation about the native browser way for building web components. We look at examples and the pros and cons of doing it natively and using a library. At the end we look at the Angular way of wrapping custom components into Custom Elements.
Angular Prestige: Less-known API and techniquesNir Kaufman
Get more from Angular with these less-known API and techniques
Angular has a rich API. Sometimes, it's easy to miss some of the hidden gems that can make our Angular experience better.
In 30 minutes I'll share less known - but practical - API and techniques for common (and less-common) use cases. Think you know everything about Angular? you might get surprised :
The Angular CLI is already a powerful tool that automates our development process for maximum productivity. During this session, we will take a step forward and learn why and how to extend the Angular CLI to perform a complexed, customized series of operations on our project with CLI Builders. Get ready for a productivity boost!
Slides from the NestJS MasterClass.
We learned how to build JavaScript server-side applications with NestJS - A progressive NodeJS framework built with TypeScript.
You can find the code on GitHub:
https://github.com/nirkaufman/task-manager
The slides from my Redux patterns talk at JSheroes conference April 2018. You can find the code here:
https://github.com/thinking-in-redux/redux-patterns-workshop
In this talk I'm discussing messaging design patterns for event driven programming in Redux
Angular EE - Special Workshop by Nir KaufmanNir Kaufman
Slides from the 'Angular EE' workshop.
This workshop was all about architecture, Angular module patterns and state management using NGRX - redux inspired library for Angular on top of RxJS
The reference code for my talk about decorators in javascript. The slides contain mostly text, so please visit the following link for code examples: https://github.com/demo-projects/decorators-in-javascript
There are multiple ways to style a component in Angular. This slide was created for my talk at AngularIL August meet up and contains recepis for styling.
Introduction To Angular's reactive formsNir Kaufman
Slides from my Angular Reactive Forms talk at JSHeroes conference. Most of the talk based on live coding demo, but the slides shows some general feeling and info.
AngularJS performance & production tipsNir Kaufman
This is the companion slides for the AngularJS-IL meetup 9 talk - that took place on January 13 2015 @ Google campus TLV.
Grab the code here: https://github.com/nirkaufman/angularjs-performance-tips
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
3. Nir Kaufman
- I don’t really need glasses to see
- This photo is a photoshop
- In reality I’m in color (and fatter)
Head of AngularJS Development @ 500Tech
5. “We are not happy with our app.
it should be modular,
easy to extend and maintain.
It’s hard to understand the flow,
feels like a spaghetti
of presentation and business logic.
- frontend team at {{ company.name }}
21. All major frameworks introduce
the same concepts.
Don’t make a switch for the
wrong reasons. Switching
to another framework won’t
solve your design problems.