u to upload a document in exchange for another document on Scribd for free. Unless you have a document of value you’d like to contribute to the site, you can create any kind of document you want. If you have a word processor installed on your computer, like Word or Apple Pages, you can use that to create a short, meaningless document. Alternatively, you can use Google Docs to create a free document on your computer and download it to your device. u to upload a document in exchange for another document on Scribd for free. Unless you have a document of value you’d like to contribute to the site, you can create any kind of document you want. If you have a word processor installed on your computer, like Word or Apple Pages, you can use that to create a short, meaningless document. Alternatively, you can use Google Docs to create a free document on your computer and download it to your devic. u to upload a document in exchange for another document on Scribd for free. Unless you have a document of value you’d like to contribute to the site, you can create any kind of document you want. If you have a word processor installed on your computer, like Word or Apple Pages, you can use that to create a short, meaningless document. Alternatively, you can use Google Docs to create a free document on your computer and download it to your devic
This document contains a collection of 90 YouTube video links related to web application penetration testing. The videos are grouped into 5 phases: history and web technology basics, setting up labs with Burp Suite and bWAPP, mapping the application and attack surface, understanding and exploiting the OWASP top 10 vulnerabilities, and specific videos from IBM, F5 Central, and Luke Briner on various vulnerabilities. The document provides resources for learning about penetration testing and exploiting common web application vulnerabilities.
In preparation for your computer system servicing assessment day.It is a whole package and an outline of the competencies that you need to passed and accomplished for you to be ready to be assisted.
The document contains a collection of links to various resources about programming including Twitter profiles of programmers, YouTube videos on topics like Google Cloud Platform and ASP.NET Core, and blog posts on using Roslyn and enforcing coding guidelines. It also contains messages of encouragement and contact information for Anatoly Kulakov.
This document provides various resources for a filmmaking unit, including lesson plans, classroom layout ideas, presentations on shot types, video examples of different shots, assignments on shots and student videos, rubrics, exemplar student videos, storyboarding materials, filming location lists, video editing tutorials, and more. The resources cover teaching film techniques, assigning video projects, and assessing student work.
Chile 2009 - US State Department Speaker program and INACAP "Best Practices i...Alexandra M. Pickett
Handout for presentations on my US state department and INACAP invited tour of Chile. September 26-October 10, 2009. Presentations made at:
la Universidad de Artes, Ciencias, y Communicación - UNIACC - Santiago
Universidad Tecnológica de Chile - INACAP - Santiago
INACAP - Concepción
Unerversidad del Bío-Bío - Concepción
INACAP - Valparaíso
Pontificia Universidad Católica de Valparaíso
-PUCV
Universidad Católica de Chile (PUC) - Santiago
The document provides 17 YouTube video links on various topics related to exam preparation for rehabilitation. The videos cover topics like vivavoce exams, time management skills, calculation of total hip replacement, clinical practice flowcharts, teaching methods and aids, and opening a new physiotherapy clinic. The links are intended to help with exam preparation.
The document provides links to several YouTube videos related to a press conference held by Mantri Tranquil developers regarding a new housing project. It also includes email addresses and links for contacting the developers. Additional links point to images and articles about electric vehicle charging stations and renewable energy installations like solar arrays. The final links reference a Sanskrit blog about ancient Indian literature and culture.
The document lists various Informatica scenarios explained through video tutorials, including how to separate duplicate and distinct values using aggregators, load the top 5 records by salary without rank, and load every 4th record into a target table. It also provides tutorials for common Informatica transformations like filters, routers, joins, aggregators, and lookups.
This document contains a collection of 90 YouTube video links related to web application penetration testing. The videos are grouped into 5 phases: history and web technology basics, setting up labs with Burp Suite and bWAPP, mapping the application and attack surface, understanding and exploiting the OWASP top 10 vulnerabilities, and specific videos from IBM, F5 Central, and Luke Briner on various vulnerabilities. The document provides resources for learning about penetration testing and exploiting common web application vulnerabilities.
In preparation for your computer system servicing assessment day.It is a whole package and an outline of the competencies that you need to passed and accomplished for you to be ready to be assisted.
The document contains a collection of links to various resources about programming including Twitter profiles of programmers, YouTube videos on topics like Google Cloud Platform and ASP.NET Core, and blog posts on using Roslyn and enforcing coding guidelines. It also contains messages of encouragement and contact information for Anatoly Kulakov.
This document provides various resources for a filmmaking unit, including lesson plans, classroom layout ideas, presentations on shot types, video examples of different shots, assignments on shots and student videos, rubrics, exemplar student videos, storyboarding materials, filming location lists, video editing tutorials, and more. The resources cover teaching film techniques, assigning video projects, and assessing student work.
Chile 2009 - US State Department Speaker program and INACAP "Best Practices i...Alexandra M. Pickett
Handout for presentations on my US state department and INACAP invited tour of Chile. September 26-October 10, 2009. Presentations made at:
la Universidad de Artes, Ciencias, y Communicación - UNIACC - Santiago
Universidad Tecnológica de Chile - INACAP - Santiago
INACAP - Concepción
Unerversidad del Bío-Bío - Concepción
INACAP - Valparaíso
Pontificia Universidad Católica de Valparaíso
-PUCV
Universidad Católica de Chile (PUC) - Santiago
The document provides 17 YouTube video links on various topics related to exam preparation for rehabilitation. The videos cover topics like vivavoce exams, time management skills, calculation of total hip replacement, clinical practice flowcharts, teaching methods and aids, and opening a new physiotherapy clinic. The links are intended to help with exam preparation.
The document provides links to several YouTube videos related to a press conference held by Mantri Tranquil developers regarding a new housing project. It also includes email addresses and links for contacting the developers. Additional links point to images and articles about electric vehicle charging stations and renewable energy installations like solar arrays. The final links reference a Sanskrit blog about ancient Indian literature and culture.
The document lists various Informatica scenarios explained through video tutorials, including how to separate duplicate and distinct values using aggregators, load the top 5 records by salary without rank, and load every 4th record into a target table. It also provides tutorials for common Informatica transformations like filters, routers, joins, aggregators, and lookups.
This document provides an extensive list of online tools and resources that can be used to build a professional learning network (PLN). It discusses the functions and stages of adopting a PLN. It then lists various social networking sites, blogs, wikis, video platforms, collaboration tools, and online conferencing options for connecting with other educators and sharing knowledge. The resources highlighted can help users engage with peers, find professional development opportunities, and strengthen their PLN.
This document provides an overview of the functions and stages of developing a professional learning network (PLN) and lists many online tools and resources that can be used to build and engage with a PLN, including social networks, blogs, wikis, microblogs, video sharing, and collaborative workspaces. It also describes opportunities for participating in online conferences and communities through these various digital tools and platforms.
Handout for my Teaching Outside the "Box" invited presentation for the professional development event "going beyond google" at Monroe Community College by the division of science, health, and business on January 21, 2010.
http://prezi.com/cjmoerciiegp/
Step out of the CMS box with me for a presentation on how freely available web2.0 tools such as twitter are used in my online course and could be used to enhance instruction in general. Tools will be demonstrated, uses will be discussed, and examples shown.
Online social networking, social computing, folksonomy/ social/ collaborative tagging, data mashups, ubiquitous broadband, wireless, hand-held and mobile computing, mobile broadband, and the cultural shift from passive consumers of content to engaged user-generators of content, have brought about a grassroots revolution: we have experienced a global democratization of access to tools, information, experts, content, professional development, and education as evinced by the open courseware and open source software initiatives that have changed how education is delivered, conducted, and defined.
It is important for those of us in the field of online education, as responsible netizens and educators in this moment, to participate, to evaluate, to document, and to expose our students to and engage them in this process. Effective online pedagogical/andragogical practices require that we use the online medium to achieve specific learning objectives and leverage the options and limitations of the online teaching and learning environment to make teaching and learning better, faster, safer, easier, and cheaper. It is not about immigrants vs. natives; it is about enhancing instruction with appropriate technologies that promote student engagement, interaction, and learning.
I incorporated these various web2.0 tools into the course for various reasons, but primarily to open the course boundaries beyond the CMS box to provide students with authentic social learning experiences. I also wanted student access to content they created and contributed to the class to persist beyond the end of the term. I will share with participants the lessons learned as I experimented with ways to enhance online instruction. Student survey results and comments will be presented.
The document outlines a web design video lesson plan consisting of several parts: 1) integrating template layouts and adding navigation bars using HTML and CSS, 2) developing page content like forms and color schemes, 3) creating a web banner in Photoshop, 4) lessons on adding and styling divs, and 5) tutorials on navigation bars and CSS text tools. It also includes additional resources on fonts, layouts, code checkers, HTML5 tools, and mobile development.
The document outlines a web design video lesson plan consisting of several parts: 1) integrating template layouts and adding navigation bars using HTML and CSS, 2) developing page content like forms and color schemes, 3) creating a web banner in Photoshop, 4) lessons on adding and styling divs, and 5) tutorials on navigation bars and CSS text tools. It also includes additional resources on fonts, layouts, code checkers, HTML5 tools, and mobile development.
This document contains a list of 15 YouTube video links related to programming concepts in Java including variables and arithmetic operations, if/else statements, for loops, while loops, break and continue statements, loops for generating series of numbers and Fibonacci sequences, switch and case statements, arrays, two-dimensional arrays, object-oriented programming in Java, classes, objects and methods, inheritance in Java, and polymorphism.
The document outlines resources for learning web design, including YouTube video tutorials on integrating template layouts in HTML and CSS, developing page content through planning forms and color schemes, and creating divisions and navigation bars. It also lists additional references on CSS styling, text formatting, layouts, and tools for web development.
This document discusses design and tool flows for VLSI and FPGA development. It provides links to resources on EDA tools, SystemC vs C++ high-level synthesis, C++ concurrency, Verilog design flows, courses on patent law and policies, Freescale processors, sample jobs requiring skills in circuit simulation, layout, and more. Application processors from Intel, Android and iOS development are also covered.
The document provides a list of 31 YouTube video links related to learning data engineering for free. It covers topics like programming languages (Python, Java, Scala), SQL, basic Linux commands, data modeling, big data, Spark, Kafka, data orchestration with Airflow. Specific videos provide tutorials on Python, SQL, Linux, data modeling, big data concepts, Spark, Airflow, and end-to-end data engineering projects. The goal is to provide a complete guide to learning data engineering through free online video resources.
This document contains the summary of a presentation on shift-left testing. It introduces the speaker and defines shift-left testing as testing early in the software development life cycle (SDLC) to detect defects earlier. Potential issues with not doing shift-left testing include slowly receiving user feedback, testing becoming a bottleneck, delayed releases, and costly bugs. The benefits outlined include preventing issues earlier, detecting defects sooner, enhanced test coverage, streamlined workflows, and reduced costs. Key promoters are improving testability, cross-team collaboration, continuous integration/delivery, and growth mindset. Best practices discussed include proper planning, understanding requirements, specifying quality standards, and embracing automation. The takeaways encourage collaborating with developers and getting involved in
Jaunākās Open Access publikācijas (2011.gada oktobris)Bibliotēku portāls
This document provides information about various open access resources including websites, organizations, and events. It summarizes recent publications on open access from EIFL, OAD, Open Access News, and other sources. Web addresses are provided for accessing information on open access weeks, guidelines, journals, repositories, and more.
The document provides 15 YouTube video links on topics related to preparing for an exam in physiotherapy, including dos and don'ts for a viva voce exam, exam preparation tips, how to solve multiple choice questions, making PowerPoint presentations, and risk factors for heart disease. It wishes the recipient best of luck on their exam and states the YouTube videos will be helpful for preparation.
Apps are software programs designed to run on smartphones, tablets, and other mobile devices. The term "app" is short for "application." Successful apps tend to be easy to use, solve specific user problems, and provide value to customers. The document provides information on what apps are, where the term comes from, key characteristics of apps, and examples of popular apps in different categories like AutoCAD 360 Pro, Paper by FiftyThree, Archisketch, Magic Plan, and Autodesk FormIt.
This document provides information about mobile web debugging and development tools. It discusses Chrome DevTools, Weinre (a web inspector tool for remote debugging), iOS Simulator, Safari, and Android debugging. It provides links to documentation and tutorials about setting up remote debugging with these various tools.
This document lists over 50 mobile applications across various categories such as note taking, surveys, blogging, productivity suites, QR codes, voice recording, images, videos, news, and more. Each application is listed along with its website URL. The applications allow users to take notes, conduct surveys, blog, use productivity and organization tools, scan QR codes, record and share voice memos, photos and videos, read news, and create presentations, eBooks, and videos on mobile devices. The document was created by Adelina Moura in 2012.
This document contains a list of 10 online resources related to the region of Lambayeque in Peru. The resources include YouTube videos, websites providing general information about Lambayeque, images related to Lambayeque's culture and cuisine, and blogs discussing Lambayeque's Semana Santa religious traditions.
This document provides links to 6 YouTube videos that comprise a tutorial on using Proteus software. The videos cover: designing a schematic and performing a simulation; preparing a circuit; creating components in ARES; adding a component to the ISIS library; configuring for printing; and adding text to the PCB layout.
The document provides revision resources for Year 11 English exam skills at The Cherwell School, including videos and top tips on reading skills like finding information, inference, language use, and exam technique. Writing skills covered include planning, paragraph structure, sentence accuracy, vocabulary, spelling, and focusing on different exam question types. Each skill lists relevant video links on YouTube to support student learning.
The document discusses Really Simple Syndication (RSS) feeds, podcasting, mashups, and the future of Web 2.0. It provides an overview and resources for each topic. RSS feeds allow content from a website to be syndicated and updated on other sites. Podcasting involves distributing audio and video files over the Internet for playback on various devices. Mashups combine data from different sources. The future of Web 2.0 may include greater integration of tools/platforms and a focus on mobile and literacy skills. Students are assigned tasks related to developing an updated blog, mind map, and exploring additional RSS, podcast and mashup resources.
Machine learning (including deep and reinforcement learning) and blockchain are two of the most noticeable technologies in recent years. The first one is the foundation of artificial intelligence and big data, and the second one has significantly disrupted the financial industry. Both technologies are data-driven, and thus there are rapidly growing interests in integrating them for more secure and efficient data sharing and analysis. In this paper, we review the research on combining blockchain and machine learning technologies and demonstrate that they can collaborate efficiently and effectively. In the end, we point out some future directions and expect more researches on deeper integration of the two promising technologies.
Comparative analysis between traditional aquaponics and reconstructed aquapon...bijceesjournal
The aquaponic system of planting is a method that does not require soil usage. It is a method that only needs water, fish, lava rocks (a substitute for soil), and plants. Aquaponic systems are sustainable and environmentally friendly. Its use not only helps to plant in small spaces but also helps reduce artificial chemical use and minimizes excess water use, as aquaponics consumes 90% less water than soil-based gardening. The study applied a descriptive and experimental design to assess and compare conventional and reconstructed aquaponic methods for reproducing tomatoes. The researchers created an observation checklist to determine the significant factors of the study. The study aims to determine the significant difference between traditional aquaponics and reconstructed aquaponics systems propagating tomatoes in terms of height, weight, girth, and number of fruits. The reconstructed aquaponics system’s higher growth yield results in a much more nourished crop than the traditional aquaponics system. It is superior in its number of fruits, height, weight, and girth measurement. Moreover, the reconstructed aquaponics system is proven to eliminate all the hindrances present in the traditional aquaponics system, which are overcrowding of fish, algae growth, pest problems, contaminated water, and dead fish.
This document provides an extensive list of online tools and resources that can be used to build a professional learning network (PLN). It discusses the functions and stages of adopting a PLN. It then lists various social networking sites, blogs, wikis, video platforms, collaboration tools, and online conferencing options for connecting with other educators and sharing knowledge. The resources highlighted can help users engage with peers, find professional development opportunities, and strengthen their PLN.
This document provides an overview of the functions and stages of developing a professional learning network (PLN) and lists many online tools and resources that can be used to build and engage with a PLN, including social networks, blogs, wikis, microblogs, video sharing, and collaborative workspaces. It also describes opportunities for participating in online conferences and communities through these various digital tools and platforms.
Handout for my Teaching Outside the "Box" invited presentation for the professional development event "going beyond google" at Monroe Community College by the division of science, health, and business on January 21, 2010.
http://prezi.com/cjmoerciiegp/
Step out of the CMS box with me for a presentation on how freely available web2.0 tools such as twitter are used in my online course and could be used to enhance instruction in general. Tools will be demonstrated, uses will be discussed, and examples shown.
Online social networking, social computing, folksonomy/ social/ collaborative tagging, data mashups, ubiquitous broadband, wireless, hand-held and mobile computing, mobile broadband, and the cultural shift from passive consumers of content to engaged user-generators of content, have brought about a grassroots revolution: we have experienced a global democratization of access to tools, information, experts, content, professional development, and education as evinced by the open courseware and open source software initiatives that have changed how education is delivered, conducted, and defined.
It is important for those of us in the field of online education, as responsible netizens and educators in this moment, to participate, to evaluate, to document, and to expose our students to and engage them in this process. Effective online pedagogical/andragogical practices require that we use the online medium to achieve specific learning objectives and leverage the options and limitations of the online teaching and learning environment to make teaching and learning better, faster, safer, easier, and cheaper. It is not about immigrants vs. natives; it is about enhancing instruction with appropriate technologies that promote student engagement, interaction, and learning.
I incorporated these various web2.0 tools into the course for various reasons, but primarily to open the course boundaries beyond the CMS box to provide students with authentic social learning experiences. I also wanted student access to content they created and contributed to the class to persist beyond the end of the term. I will share with participants the lessons learned as I experimented with ways to enhance online instruction. Student survey results and comments will be presented.
The document outlines a web design video lesson plan consisting of several parts: 1) integrating template layouts and adding navigation bars using HTML and CSS, 2) developing page content like forms and color schemes, 3) creating a web banner in Photoshop, 4) lessons on adding and styling divs, and 5) tutorials on navigation bars and CSS text tools. It also includes additional resources on fonts, layouts, code checkers, HTML5 tools, and mobile development.
The document outlines a web design video lesson plan consisting of several parts: 1) integrating template layouts and adding navigation bars using HTML and CSS, 2) developing page content like forms and color schemes, 3) creating a web banner in Photoshop, 4) lessons on adding and styling divs, and 5) tutorials on navigation bars and CSS text tools. It also includes additional resources on fonts, layouts, code checkers, HTML5 tools, and mobile development.
This document contains a list of 15 YouTube video links related to programming concepts in Java including variables and arithmetic operations, if/else statements, for loops, while loops, break and continue statements, loops for generating series of numbers and Fibonacci sequences, switch and case statements, arrays, two-dimensional arrays, object-oriented programming in Java, classes, objects and methods, inheritance in Java, and polymorphism.
The document outlines resources for learning web design, including YouTube video tutorials on integrating template layouts in HTML and CSS, developing page content through planning forms and color schemes, and creating divisions and navigation bars. It also lists additional references on CSS styling, text formatting, layouts, and tools for web development.
This document discusses design and tool flows for VLSI and FPGA development. It provides links to resources on EDA tools, SystemC vs C++ high-level synthesis, C++ concurrency, Verilog design flows, courses on patent law and policies, Freescale processors, sample jobs requiring skills in circuit simulation, layout, and more. Application processors from Intel, Android and iOS development are also covered.
The document provides a list of 31 YouTube video links related to learning data engineering for free. It covers topics like programming languages (Python, Java, Scala), SQL, basic Linux commands, data modeling, big data, Spark, Kafka, data orchestration with Airflow. Specific videos provide tutorials on Python, SQL, Linux, data modeling, big data concepts, Spark, Airflow, and end-to-end data engineering projects. The goal is to provide a complete guide to learning data engineering through free online video resources.
This document contains the summary of a presentation on shift-left testing. It introduces the speaker and defines shift-left testing as testing early in the software development life cycle (SDLC) to detect defects earlier. Potential issues with not doing shift-left testing include slowly receiving user feedback, testing becoming a bottleneck, delayed releases, and costly bugs. The benefits outlined include preventing issues earlier, detecting defects sooner, enhanced test coverage, streamlined workflows, and reduced costs. Key promoters are improving testability, cross-team collaboration, continuous integration/delivery, and growth mindset. Best practices discussed include proper planning, understanding requirements, specifying quality standards, and embracing automation. The takeaways encourage collaborating with developers and getting involved in
Jaunākās Open Access publikācijas (2011.gada oktobris)Bibliotēku portāls
This document provides information about various open access resources including websites, organizations, and events. It summarizes recent publications on open access from EIFL, OAD, Open Access News, and other sources. Web addresses are provided for accessing information on open access weeks, guidelines, journals, repositories, and more.
The document provides 15 YouTube video links on topics related to preparing for an exam in physiotherapy, including dos and don'ts for a viva voce exam, exam preparation tips, how to solve multiple choice questions, making PowerPoint presentations, and risk factors for heart disease. It wishes the recipient best of luck on their exam and states the YouTube videos will be helpful for preparation.
Apps are software programs designed to run on smartphones, tablets, and other mobile devices. The term "app" is short for "application." Successful apps tend to be easy to use, solve specific user problems, and provide value to customers. The document provides information on what apps are, where the term comes from, key characteristics of apps, and examples of popular apps in different categories like AutoCAD 360 Pro, Paper by FiftyThree, Archisketch, Magic Plan, and Autodesk FormIt.
This document provides information about mobile web debugging and development tools. It discusses Chrome DevTools, Weinre (a web inspector tool for remote debugging), iOS Simulator, Safari, and Android debugging. It provides links to documentation and tutorials about setting up remote debugging with these various tools.
This document lists over 50 mobile applications across various categories such as note taking, surveys, blogging, productivity suites, QR codes, voice recording, images, videos, news, and more. Each application is listed along with its website URL. The applications allow users to take notes, conduct surveys, blog, use productivity and organization tools, scan QR codes, record and share voice memos, photos and videos, read news, and create presentations, eBooks, and videos on mobile devices. The document was created by Adelina Moura in 2012.
This document contains a list of 10 online resources related to the region of Lambayeque in Peru. The resources include YouTube videos, websites providing general information about Lambayeque, images related to Lambayeque's culture and cuisine, and blogs discussing Lambayeque's Semana Santa religious traditions.
This document provides links to 6 YouTube videos that comprise a tutorial on using Proteus software. The videos cover: designing a schematic and performing a simulation; preparing a circuit; creating components in ARES; adding a component to the ISIS library; configuring for printing; and adding text to the PCB layout.
The document provides revision resources for Year 11 English exam skills at The Cherwell School, including videos and top tips on reading skills like finding information, inference, language use, and exam technique. Writing skills covered include planning, paragraph structure, sentence accuracy, vocabulary, spelling, and focusing on different exam question types. Each skill lists relevant video links on YouTube to support student learning.
The document discusses Really Simple Syndication (RSS) feeds, podcasting, mashups, and the future of Web 2.0. It provides an overview and resources for each topic. RSS feeds allow content from a website to be syndicated and updated on other sites. Podcasting involves distributing audio and video files over the Internet for playback on various devices. Mashups combine data from different sources. The future of Web 2.0 may include greater integration of tools/platforms and a focus on mobile and literacy skills. Students are assigned tasks related to developing an updated blog, mind map, and exploring additional RSS, podcast and mashup resources.
Machine learning (including deep and reinforcement learning) and blockchain are two of the most noticeable technologies in recent years. The first one is the foundation of artificial intelligence and big data, and the second one has significantly disrupted the financial industry. Both technologies are data-driven, and thus there are rapidly growing interests in integrating them for more secure and efficient data sharing and analysis. In this paper, we review the research on combining blockchain and machine learning technologies and demonstrate that they can collaborate efficiently and effectively. In the end, we point out some future directions and expect more researches on deeper integration of the two promising technologies.
Similar to web pentesting link and sources.pdf (20)
Comparative analysis between traditional aquaponics and reconstructed aquapon...bijceesjournal
The aquaponic system of planting is a method that does not require soil usage. It is a method that only needs water, fish, lava rocks (a substitute for soil), and plants. Aquaponic systems are sustainable and environmentally friendly. Its use not only helps to plant in small spaces but also helps reduce artificial chemical use and minimizes excess water use, as aquaponics consumes 90% less water than soil-based gardening. The study applied a descriptive and experimental design to assess and compare conventional and reconstructed aquaponic methods for reproducing tomatoes. The researchers created an observation checklist to determine the significant factors of the study. The study aims to determine the significant difference between traditional aquaponics and reconstructed aquaponics systems propagating tomatoes in terms of height, weight, girth, and number of fruits. The reconstructed aquaponics system’s higher growth yield results in a much more nourished crop than the traditional aquaponics system. It is superior in its number of fruits, height, weight, and girth measurement. Moreover, the reconstructed aquaponics system is proven to eliminate all the hindrances present in the traditional aquaponics system, which are overcrowding of fish, algae growth, pest problems, contaminated water, and dead fish.
Design and optimization of ion propulsion dronebjmsejournal
Electric propulsion technology is widely used in many kinds of vehicles in recent years, and aircrafts are no exception. Technically, UAVs are electrically propelled but tend to produce a significant amount of noise and vibrations. Ion propulsion technology for drones is a potential solution to this problem. Ion propulsion technology is proven to be feasible in the earth’s atmosphere. The study presented in this article shows the design of EHD thrusters and power supply for ion propulsion drones along with performance optimization of high-voltage power supply for endurance in earth’s atmosphere.
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...IJECEIAES
Climate change's impact on the planet forced the United Nations and governments to promote green energies and electric transportation. The deployments of photovoltaic (PV) and electric vehicle (EV) systems gained stronger momentum due to their numerous advantages over fossil fuel types. The advantages go beyond sustainability to reach financial support and stability. The work in this paper introduces the hybrid system between PV and EV to support industrial and commercial plants. This paper covers the theoretical framework of the proposed hybrid system including the required equation to complete the cost analysis when PV and EV are present. In addition, the proposed design diagram which sets the priorities and requirements of the system is presented. The proposed approach allows setup to advance their power stability, especially during power outages. The presented information supports researchers and plant owners to complete the necessary analysis while promoting the deployment of clean energy. The result of a case study that represents a dairy milk farmer supports the theoretical works and highlights its advanced benefits to existing plants. The short return on investment of the proposed approach supports the paper's novelty approach for the sustainable electrical system. In addition, the proposed system allows for an isolated power setup without the need for a transmission line which enhances the safety of the electrical network
Discover the latest insights on Data Driven Maintenance with our comprehensive webinar presentation. Learn about traditional maintenance challenges, the right approach to utilizing data, and the benefits of adopting a Data Driven Maintenance strategy. Explore real-world examples, industry best practices, and innovative solutions like FMECA and the D3M model. This presentation, led by expert Jules Oudmans, is essential for asset owners looking to optimize their maintenance processes and leverage digital technologies for improved efficiency and performance. Download now to stay ahead in the evolving maintenance landscape.
Embedded machine learning-based road conditions and driving behavior monitoringIJECEIAES
Car accident rates have increased in recent years, resulting in losses in human lives, properties, and other financial costs. An embedded machine learning-based system is developed to address this critical issue. The system can monitor road conditions, detect driving patterns, and identify aggressive driving behaviors. The system is based on neural networks trained on a comprehensive dataset of driving events, driving styles, and road conditions. The system effectively detects potential risks and helps mitigate the frequency and impact of accidents. The primary goal is to ensure the safety of drivers and vehicles. Collecting data involved gathering information on three key road events: normal street and normal drive, speed bumps, circular yellow speed bumps, and three aggressive driving actions: sudden start, sudden stop, and sudden entry. The gathered data is processed and analyzed using a machine learning system designed for limited power and memory devices. The developed system resulted in 91.9% accuracy, 93.6% precision, and 92% recall. The achieved inference time on an Arduino Nano 33 BLE Sense with a 32-bit CPU running at 64 MHz is 34 ms and requires 2.6 kB peak RAM and 139.9 kB program flash memory, making it suitable for resource-constrained embedded systems.
An improved modulation technique suitable for a three level flying capacitor ...IJECEIAES
This research paper introduces an innovative modulation technique for controlling a 3-level flying capacitor multilevel inverter (FCMLI), aiming to streamline the modulation process in contrast to conventional methods. The proposed
simplified modulation technique paves the way for more straightforward and
efficient control of multilevel inverters, enabling their widespread adoption and
integration into modern power electronic systems. Through the amalgamation of
sinusoidal pulse width modulation (SPWM) with a high-frequency square wave
pulse, this controlling technique attains energy equilibrium across the coupling
capacitor. The modulation scheme incorporates a simplified switching pattern
and a decreased count of voltage references, thereby simplifying the control
algorithm.
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...shadow0702a
This document serves as a comprehensive step-by-step guide on how to effectively use PyCharm for remote debugging of the Windows Subsystem for Linux (WSL) on a local Windows machine. It meticulously outlines several critical steps in the process, starting with the crucial task of enabling permissions, followed by the installation and configuration of WSL.
The guide then proceeds to explain how to set up the SSH service within the WSL environment, an integral part of the process. Alongside this, it also provides detailed instructions on how to modify the inbound rules of the Windows firewall to facilitate the process, ensuring that there are no connectivity issues that could potentially hinder the debugging process.
The document further emphasizes on the importance of checking the connection between the Windows and WSL environments, providing instructions on how to ensure that the connection is optimal and ready for remote debugging.
It also offers an in-depth guide on how to configure the WSL interpreter and files within the PyCharm environment. This is essential for ensuring that the debugging process is set up correctly and that the program can be run effectively within the WSL terminal.
Additionally, the document provides guidance on how to set up breakpoints for debugging, a fundamental aspect of the debugging process which allows the developer to stop the execution of their code at certain points and inspect their program at those stages.
Finally, the document concludes by providing a link to a reference blog. This blog offers additional information and guidance on configuring the remote Python interpreter in PyCharm, providing the reader with a well-rounded understanding of the process.
Redefining brain tumor segmentation: a cutting-edge convolutional neural netw...IJECEIAES
Medical image analysis has witnessed significant advancements with deep learning techniques. In the domain of brain tumor segmentation, the ability to
precisely delineate tumor boundaries from magnetic resonance imaging (MRI)
scans holds profound implications for diagnosis. This study presents an ensemble convolutional neural network (CNN) with transfer learning, integrating
the state-of-the-art Deeplabv3+ architecture with the ResNet18 backbone. The
model is rigorously trained and evaluated, exhibiting remarkable performance
metrics, including an impressive global accuracy of 99.286%, a high-class accuracy of 82.191%, a mean intersection over union (IoU) of 79.900%, a weighted
IoU of 98.620%, and a Boundary F1 (BF) score of 83.303%. Notably, a detailed comparative analysis with existing methods showcases the superiority of
our proposed model. These findings underscore the model’s competence in precise brain tumor localization, underscoring its potential to revolutionize medical
image analysis and enhance healthcare outcomes. This research paves the way
for future exploration and optimization of advanced CNN models in medical
imaging, emphasizing addressing false positives and resource efficiency.
Redefining brain tumor segmentation: a cutting-edge convolutional neural netw...
web pentesting link and sources.pdf
1. Web Application Penetration Testing
Phase 1 – History
1. History of Internet - https://www.youtube.com/watch?v=9hIQjrMHTv4
Phase 2 – Web and Server Technology
2. Basic concepts of web applications, how they work and the HTTP protocol - https://www.youtube.com/watch?v=RsQ1tFLwldY&t=7s
3. HTML basics part 1 - https://www.youtube.com/watch?v=p6fRBGI_BY0
4. HTML basics part 2 - https://www.youtube.com/watch?v=Zs6lzuBVK2w
5. Difference between static and dynamic website - https://www.youtube.com/watch?v=hlg6q6OFoxQ
6. HTTP protocol Understanding - https://www.youtube.com/watch?v=JFZMyhRTVt0
7. Parts of HTTP Request -https://www.youtube.com/watch?v=pHFWGN-upGM
8. Parts of HTTP Response - https://www.youtube.com/watch?v=c9sMNc2PrMU
9. Various HTTP Methods - https://www.youtube.com/watch?v=PO7D20HsFsY
10. Understanding URLS - https://www.youtube.com/watch?v=5Jr-_Za5yQM
11. Intro to REST - https://www.youtube.com/watch?v=YCcAE2SCQ6k
12. HTTP Request & Response Headers - https://www.youtube.com/watch?v=vAuZwirKjWs
13. What is a cookie - https://www.youtube.com/watch?v=I01XMRo2ESg
14. HTTP Status codes - https://www.youtube.com/watch?v=VLH3FMQ5BIQ
15. HTTP Proxy - https://www.youtube.com/watch?v=qU0PVSJCKcs
16. Authentication with HTTP - https://www.youtube.com/watch?v=GxiFXUFKo1M
17. HTTP basic and digest authentication - https://www.youtube.com/watch?v=GOnhCbDhMzk
18. What is “Server-Side” - https://www.youtube.com/watch?v=JnCLmLO9LhA
19. Server and client side with example - https://www.youtube.com/watch?v=DcBB2Fp8WNI
20. What is a session - https://www.youtube.com/watch?v=WV4DJ6b0jhg&t=202s
21. Introduction to UTF-8 and Unicode - https://www.youtube.com/watch?v=sqPTR_v4qFA
22. URL encoding - https://www.youtube.com/watch?v=Z3udiqgW1VA
23. HTML encoding - https://www.youtube.com/watch?v=IiAfCLWpgII&t=109s
24. Base64 encoding - https://www.youtube.com/watch?v=8qkxeZmKmOY
25. Hex encoding & ASCII - https://www.youtube.com/watch?v=WW2SaCMnHdU
2. Phase 3 – Setting up the lab with BurpSuite and bWAPP
MANISH AGRAWAL
26. Setup lab with bWAPP - https://www.youtube.com/watch?v=dwtUn3giwTk&index=1&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV
27. Set up Burp Suite - https://www.youtube.com/watch?v=hQsT4rSa_v0&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=2
28. Configure Firefox and add certificate - https://www.youtube.com/watch?v=hfsdJ69GSV4&index=3&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV
29. Mapping and scoping website - https://www.youtube.com/watch?v=H-_iVteMDRo&index=4&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV
30. Spidering - https://www.youtube.com/watch?v=97uMUQGIe14&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=5
31. Active and passive scanning - https://www.youtube.com/watch?v=1Mjom6AcFyU&index=6&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV
32. Scanner options and demo - https://www.youtube.com/watch?v=gANi4Kt7-ek&index=7&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV
33. Introduction to password security - https://www.youtube.com/watch?v=FwcUhcLO9iM&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=8
34. Intruder - https://www.youtube.com/watch?v=wtMg9oEMTa8&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=9
35. Intruder attack types - https://www.youtube.com/watch?v=N5ndYPwddkQ&index=10&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV
36. Payload settings - https://www.youtube.com/watch?v=5GpdlbtL-1Q&index=11&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV
37. Intruder settings - https://www.youtube.com/watch?v=B_Mu7jmOYnU&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=12
ÆTHER SECURITY LAB
38. No.1 Penetration testing tool - https://www.youtube.com/watch?v=AVzC7ETqpDo&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=1
39. Environment Setup - https://www.youtube.com/watch?v=yqnUOdr0eVk&index=2&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA
40. General concept - https://www.youtube.com/watch?v=udl4oqr_ylM&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=3
41. Proxy module - https://www.youtube.com/watch?v=PDTwYFkjQBE&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=4
42. Repeater module - https://www.youtube.com/watch?v=9Zh_7s5csCc&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=5
43. Target and spider module - https://www.youtube.com/watch?v=dCKPZUSOlr8&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=6
44. Sequencer and scanner module - https://www.youtube.com/watch?v=G-v581pXerE&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=7
Phase 4 – Mapping the application and attack surface
45. Spidering - https://www.youtube.com/watch?v=97uMUQGIe14&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=5
46. Mapping application using robots.txt - https://www.youtube.com/watch?v=akuzgZ75zrk
47. Discover hidden contents using dirbuster - https://www.youtube.com/watch?v=--nu9Jq07gA
48. Dirbuster in detail - https://www.youtube.com/watch?v=2tOQC68hAcQ
49. Discover hidden directories and files with intruder - https://www.youtube.com/watch?v=4Fz9mJeMNkI
50. Directory bruteforcing 1 - https://www.youtube.com/watch?v=ch2onB_LFoI
51. Directory bruteforcing 2 - https://www.youtube.com/watch?v=ASMW_oLbyIg
52. Identify application entry points - https://www.youtube.com/watch?v=IgJWPZ2OKO8&t=34s
53. Identify application entry points - https://www.owasp.org/index.php/Identify_application_entry_points_(OTG-INFO-006)
54. Identify client and server technology - https://www.youtube.com/watch?v=B8jN_iWjtyM
3. 55. Identify server technology using banner grabbing (telnet) - https://www.youtube.com/watch?v=O67M-U2UOAg
56. Identify server technology using httprecon - https://www.youtube.com/watch?v=xBBHtS-dwsM
57. Pentesting with Google dorks Introduction - https://www.youtube.com/watch?v=NmdrKFwAw9U
58. Fingerprinting web server - https://www.youtube.com/watch?v=tw2VdG0t5kc&list=PLxLRoXCDIalcRS5Nb1I_HM_OzS10E6lqp&index=10
59. Use Nmap for fingerprinting web server - https://www.youtube.com/watch?v=VQV-y_-AN80
60. Review webs servers metafiles for information leakage - https://www.youtube.com/watch?v=sds3Zotf_ZY
61. Enumerate applications on web server - https://www.youtube.com/watch?v=lfhvvTLN60E
62. Identify application entry points - https://www.youtube.com/watch?v=97uMUQGIe14&list=PLDeogY2Qr-tGR2NL2X1AR5Zz9t1iaWwlM
63. Map execution path through application - https://www.youtube.com/watch?v=0I0NPiyo9UI
64. Fingerprint web application frameworks - https://www.youtube.com/watch?v=ASzG0kBoE4c
Phase 5 – Understanding and exploiting OWASP top 10 vulnerabilities
65. A closer look at all owasp top 10 vulnerabilities - https://www.youtube.com/watch?v=avFR_Af0KGk
IBM
66. Injection - https://www.youtube.com/watch?v=02mLrFVzIYU&index=1&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d
67. Broken authentication and session management -
https://www.youtube.com/watch?v=iX49fqZ8HGA&index=2&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d
68. Cross-site scripting - https://www.youtube.com/watch?v=x6I5fCupLLU&index=3&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d
69. Insecure direct object reference - https://www.youtube.com/watch?v=-iCyp9Qz3CI&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d&index=4
70. Security misconfiguration - https://www.youtube.com/watch?v=cIplXL8idyo&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d&index=5
71. Sensitive data exposure - https://www.youtube.com/watch?v=rYlzTQlF8Ws&index=6&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d
72. Missing functional level access controls - https://www.youtube.com/watch?v=VMv_gyCNGpk&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d&index=7
73. Cross-site request forgery - https://www.youtube.com/watch?v=_xSFm3KGxh0&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d&index=8
74. Using components with known vulnerabilities -
https://www.youtube.com/watch?v=bhJmVBJ-F-4&index=9&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d
75. Unvalidated redirects and forwards - https://www.youtube.com/watch?v=L6bYKiLtSL8&index=10&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d
F5 CENTRAL
76. Injection - https://www.youtube.com/watch?v=rWHvp7rUka8&index=1&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD
77. Broken authentication and session management -
https://www.youtube.com/watch?v=mruO75ONWy8&index=2&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD
78. Insecure deserialisation - https://www.youtube.com/watch?v=nkTBwbnfesQ&index=8&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD
79. Sensitive data exposure - https://www.youtube.com/watch?v=2RKbacrkUBU&index=3&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD
80. Broken access control - https://www.youtube.com/watch?v=P38at6Tp8Ms&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD&index=5
81. Insufficient logging and monitoring - https://www.youtube.com/watch?v=IFF3tkUOF5E&index=10&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD
4. 82. XML external entities - https://www.youtube.com/watch?v=g2ey7ry8_CQ&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD&index=4
83. Using components with known vulnerabilities -
https://www.youtube.com/watch?v=IGsNYVDKRV0&index=9&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD
84. Cross-site scripting - https://www.youtube.com/watch?v=IuzU4y-UjLw&index=7&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD
85. Security misconfiguration - https://www.youtube.com/watch?v=JuGSUMtKTPU&index=6&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD
LUKE BRINER
86. Injection explained - https://www.youtube.com/watch?v=1qMggPJpRXM&index=1&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X
87. Broken authentication and session management -
https://www.youtube.com/watch?v=fKnG15BL4AY&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=2
88. Cross-site scripting - https://www.youtube.com/watch?v=ksM-xXeDUNs&index=3&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X
89. Insecure direct object reference - https://www.youtube.com/watch?v=ZodA76-CB10&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=4
90. Security misconfiguration - https://www.youtube.com/watch?v=DfFPHKPCofY&index=5&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X
91. Sensitive data exposure - https://www.youtube.com/watch?v=Z7hafbGDVEE&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=6
92. Missing functional level access control - https://www.youtube.com/watch?v=RGN3w831Elo&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=7
93. Cross-site request forgery - https://www.youtube.com/watch?v=XRW_US5BCxk&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=8
94. Components with known vulnerabilities - https://www.youtube.com/watch?v=pbvDW9pJdng&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=9
95. Unvalidated redirects and forwards - https://www.youtube.com/watch?v=bHTglpgC5Qg&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=10
Phase 6 – Session management testing
96. Bypass authentication using cookie manipulation - https://www.youtube.com/watch?v=mEbmturLljU
97. Cookie Security Via httponly and secure Flag - OWASP - https://www.youtube.com/watch?v=3aKA4RkAg78
98. Penetration testing Cookies basic - https://www.youtube.com/watch?v=_P7KN8T1boc
99. Session fixation 1 - https://www.youtube.com/watch?v=ucmgeHKtxaI
100. Session fixation 2 - https://www.youtube.com/watch?v=0Tu1qxysWOk
101. Session fixation 3 - https://www.youtube.com/watch?v=jxwgpWvRUSo
102. Session fixation 4 - https://www.youtube.com/watch?v=eUbtW0Z0W1g
103. CSRF - Cross site request forgery 1 - https://www.youtube.com/watch?v=m0EHlfTgGUU
104. CSRF - Cross site request forgery 2 - https://www.youtube.com/watch?v=H3iu0_ltcv4
105. CSRF - Cross site request forgery 3 - https://www.youtube.com/watch?v=1NO4I28J-0s
106. CSRF - Cross site request forgery 4 - https://www.youtube.com/watch?v=XdEJEUJ0Fr8
107. CSRF - Cross site request forgery 5 - https://www.youtube.com/watch?v=TwG0Rd0hr18
108. Session puzzling 1 - https://www.youtube.com/watch?v=YEOvmhTb8xA
109. Admin bypass using session hijacking - https://www.youtube.com/watch?v=1wp1o-1TfAc
5. Phase 7 – Bypassing client-side controls
110. What is hidden forms in HTML - https://www.youtube.com/watch?v=orUoGsgaYAE
111. Bypassing hidden form fields using tamper data - https://www.youtube.com/watch?v=NXkGX2sPw7I
112. Bypassing hidden form fields using Burp Suite (Purchase application) - https://www.youtube.com/watch?v=xahvJyUFTfM
113. Changing price on eCommerce website using parameter tampering - https://www.youtube.com/watch?v=A-ccNpP06Zg
114. Understanding cookie in detail - https://www.youtube.com/watch?v=_P7KN8T1boc&list=PLWPirh4EWFpESKWJmrgQwmsnTrL_K93Wi&index=18
115. Cookie tampering with tamper data- https://www.youtube.com/watch?v=NgKXm0lBecc
116. Cookie tamper part 2 - https://www.youtube.com/watch?v=dTCt_I2DWgo
117. Understanding referer header in depth using Cisco product - https://www.youtube.com/watch?v=GkQnBa3C7WI&t=35s
118. Introduction to ASP.NET viewstate - https://www.youtube.com/watch?v=L3p6Uw6SSXs
119. ASP.NET viewstate in depth - https://www.youtube.com/watch?v=Fn_08JLsrmY
120. Analyse sensitive data in ASP.NET viewstate - https://msdn.microsoft.com/en-us/library/ms972427.aspx?f=255&MSPPError=-2147217396
121. Cross-origin-resource-sharing explanation with example - https://www.youtube.com/watch?v=Ka8vG5miErk
122. CORS demo 1 - https://www.youtube.com/watch?v=wR8pjTWaEbs
123. CORS demo 2 - https://www.youtube.com/watch?v=lg31RYYG-T4
124. Security headers - https://www.youtube.com/watch?v=TNlcoYLIGFk
125. Security headers 2 - https://www.youtube.com/watch?v=ZZUvmVkkKu4
Phase 8 – Attacking authentication/login
126. Attacking login panel with bad password - Guess username password for the website and try different combinations
127. Brute-force login panel - https://www.youtube.com/watch?v=25cazx5D_vw
128. Username enumeration - https://www.youtube.com/watch?v=WCO7LnSlskE
129. Username enumeration with bruteforce password attack - https://www.youtube.com/watch?v=zf3-pYJU1c4
130. Authentication over insecure HTTP protocol - https://www.youtube.com/watch?v=ueSG7TUqoxk
131. Authentication over insecure HTTP protocol - https://www.youtube.com/watch?v=_WQe36pZ3mA
132. Forgot password vulnerability - case 1 - https://www.youtube.com/watch?v=FEUidWWnZwU
133. Forgot password vulnerability - case 2 - https://www.youtube.com/watch?v=j7-8YyYdWL4
134. Login page autocomplete feature enabled - https://www.youtube.com/watch?v=XNjUfwDmHGc&t=33s
135. Testing for weak password policy - https://www.owasp.org/index.php/Testing_for_Weak_password_policy_(OTG-AUTHN-007)
136. Insecure distribution of credentials - When you register in any website or you request for a password reset using forgot password feature, if the
website sends your username and password over the email in cleartext without sending the password reset link, then it is a vulnerability.
137. Test for credentials transportation using SSL/TLS certificate - https://www.youtube.com/watch?v=21_IYz4npRs
138. Basics of MySQL - https://www.youtube.com/watch?v=yPu6qV5byu4
139. Testing browser cache - https://www.youtube.com/watch?v=2T_Xz3Humdc
140. Bypassing login panel -case 1 - https://www.youtube.com/watch?v=TSqXkkOt6oM
141. Bypass login panel - case 2 - https://www.youtube.com/watch?v=J6v_W-LFK1c
7. 158. What is XSS - https://www.youtube.com/watch?v=cbmBDiR6WaY
159. Reflected XSS demo - https://www.youtube.com/watch?v=r79ozjCL7DA
160. XSS attack method using burpsuite - https://www.youtube.com/watch?v=OLKBZNw3OjQ
161. XSS filter bypass with Xenotix - https://www.youtube.com/watch?v=loZSdedJnqc
162. Reflected XSS filter bypass 1 - https://www.youtube.com/watch?v=m5rlLgGrOVA
163. Reflected XSS filter bypass 2 - https://www.youtube.com/watch?v=LDiXveqQ0gg
164. Reflected XSS filter bypass 3 - https://www.youtube.com/watch?v=hb_qENFUdOk
165. Reflected XSS filter bypass 4 - https://www.youtube.com/watch?v=Fg1qqkedGUk
166. Reflected XSS filter bypass 5 - https://www.youtube.com/watch?v=NImym71f3Bc
167. Reflected XSS filter bypass 6 - https://www.youtube.com/watch?v=9eGzAym2a5Q
168. Reflected XSS filter bypass 7 - https://www.youtube.com/watch?v=ObfEI84_MtM
169. Reflected XSS filter bypass 8 - https://www.youtube.com/watch?v=2c9xMe3VZ9Q
170. Reflected XSS filter bypass 9 - https://www.youtube.com/watch?v=-48zknvo7LM
171. Introduction to Stored XSS - https://www.youtube.com/watch?v=SHmQ3sQFeLE
172. Stored XSS 1 - https://www.youtube.com/watch?v=oHIl_pCahsQ
173. Stored XSS 2 - https://www.youtube.com/watch?v=dBTuWzX8hd0
174. Stored XSS 3 - https://www.youtube.com/watch?v=PFG0lkMeYDc
175. Stored XSS 4 - https://www.youtube.com/watch?v=YPUBFklUWLc
176. Stored XSS 5 - https://www.youtube.com/watch?v=x9Zx44EV-Og
SQL injection
177. Part 1 - Install SQLi lab - https://www.youtube.com/watch?v=NJ9AA1_t1Ic&index=23&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
178. Part 2 - SQL lab series - https://www.youtube.com/watch?v=TA2h_kUqfhU&index=22&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
179. Part 3 - SQL lab series - https://www.youtube.com/watch?v=N0zAChmZIZU&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=21
180. Part 4 - SQL lab series - https://www.youtube.com/watch?v=6pVxm5mWBVU&index=20&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
181. Part 5 - SQL lab series - https://www.youtube.com/watch?v=0tyerVP9R98&index=19&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
182. Part 6 - Double query injection - https://www.youtube.com/watch?v=zaRlcPbfX4M&index=18&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
183. Part 7 - Double query injection cont.. - https://www.youtube.com/watch?v=9utdAPxmvaI&index=17&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
184. Part 8 - Blind injection boolean based - https://www.youtube.com/watch?v=u7Z7AIR6cMI&index=16&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
185. Part 9 - Blind injection time based - https://www.youtube.com/watch?v=gzU1YBu_838&index=15&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
186. Part 10 - Dumping DB using outfile - https://www.youtube.com/watch?v=ADW844OA6io&index=14&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
187. Part 11 - Post parameter injection error based -
https://www.youtube.com/watch?v=6sQ23tqiTXY&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=13
188. Part 12 - POST parameter injection double query based -
https://www.youtube.com/watch?v=tjFXWQY4LuA&index=12&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
189. Part 13 - POST parameter injection blind boolean and time based -
https://www.youtube.com/watch?v=411G-4nH5jE&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=10
190. Part 14 - Post parameter injection in UPDATE query -
https://www.youtube.com/watch?v=2FgLcPuU7Vw&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=11
8. 191. Part 15 - Injection in insert query - https://www.youtube.com/watch?v=ZJiPsWxXYZs&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=9
192. Part 16 - Cookie based injection - https://www.youtube.com/watch?v=-A3vVqfP8pA&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=8
193. Part 17 - Second order injection -https://www.youtube.com/watch?v=e9pbC5BxiAE&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=7
194. Part 18 - Bypassing blacklist filters - 1 - https://www.youtube.com/watch?v=5P-knuYoDdw&index=6&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
195. Part 19 - Bypassing blacklist filters - 2 - https://www.youtube.com/watch?v=45BjuQFt55Y&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=5
196. Part 20 - Bypassing blacklist filters - 3 - https://www.youtube.com/watch?v=c-Pjb_zLpH0&index=4&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
197. Part 21 - Bypassing WAF - https://www.youtube.com/watch?v=uRDuCXFpHXc&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=2
198. Part 22 - Bypassing WAF - Impedance mismatch -
https://www.youtube.com/watch?v=ygVUebdv_Ws&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=3
199. Part 23 - Bypassing addslashes - charset mismatch -
https://www.youtube.com/watch?v=du-jkS6-sbo&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=1
NoSQL injection
200. Introduction to NoSQL injection - https://www.youtube.com/watch?v=h0h37-Dwd_A
201. Introduction to SQL vs NoSQL - Difference between MySQL and MongoDB with tutorial - https://www.youtube.com/watch?v=QwevGzVu_zk
202. Abusing NoSQL databases - https://www.youtube.com/watch?v=lcO1BTNh8r8
203. Making cry - attacking NoSQL for pentesters - https://www.youtube.com/watch?v=NgsesuLpyOg
Xpath and XML injection
204. Introduction to Xpath injection - https://www.youtube.com/watch?v=2_UyM6Ea0Yk&t=3102s
205. Introduction to XML injection - https://www.youtube.com/watch?v=9ZokuRHo-eY
206. Practical 1 - bWAPP - https://www.youtube.com/watch?v=6tV8EuaHI9M
207. Practical 2 - Mutillidae - https://www.youtube.com/watch?v=fV0qsqcScI4
208. Practical 3 - webgoat - https://www.youtube.com/watch?v=5ZDSPVp1TpM
209. Hack admin panel using Xpath injection - https://www.youtube.com/watch?v=vvlyYlXuVxI
210. XXE demo - https://www.youtube.com/watch?v=3B8QhyrEXlU
211. XXE demo 2 - https://www.youtube.com/watch?v=UQjxvEwyUUw
212. XXE demo 3 - https://www.youtube.com/watch?v=JI0daBHq6fA
LDAP injection
213. Introduction and practical 1 - https://www.youtube.com/watch?v=-TXFlg7S9ks
214. Practical 2 - https://www.youtube.com/watch?v=wtahzm_R8e4
OS command injection
215. OS command injection in bWAPP - https://www.youtube.com/watch?v=qLIkGJrMY9k
216. bWAAP- OS command injection with Commiux (All levels) - https://www.youtube.com/watch?v=5-1QLbVa8YE
Local file inclusion
217. Detailed introduction - https://www.youtube.com/watch?v=kcojXEwolIs
218. LFI demo 1 - https://www.youtube.com/watch?v=54hSHpVoz7A
9. 219. LFI demo 2 - https://www.youtube.com/watch?v=qPq9hIVtitI
Remote file inclusion
220. Detailed introduction - https://www.youtube.com/watch?v=MZjORTEwpaw
221. RFI demo 1 - https://www.youtube.com/watch?v=gWt9A6eOkq0
222. RFI introduction and demo 2 - https://www.youtube.com/watch?v=htTEfokaKsM
HTTP splitting/smuggling
223. Detailed introduction - https://www.youtube.com/watch?v=bVaZWHrfiPw
224. Demo 1 - https://www.youtube.com/watch?v=mOf4H1aLiiE
Phase 11 – Generating and testing error codes
225. Generating normal error codes by visiting files that may not exist on the server - for example visit chintan.php or chintan.aspx file on any website
and it may redirect you to 404.php or 404.aspx or their customer error page. Check if an error page is generated by default web server or application
framework or a custom page is displayed which does not display any sensitive information.
226. Use BurpSuite fuzzing techniques to generate stack trace error codes - https://www.youtube.com/watch?v=LDF6OkcvBzM
Phase 12 – Weak cryptography testing
227. SSL/TLS weak configuration explained - https://www.youtube.com/watch?v=Rp3iZUvXWlM
228. Testing weak SSL/TLS ciphers - https://www.youtube.com/watch?v=slbwCMHqCkc
229. Test SSL/TLS security with Qualys guard - https://www.youtube.com/watch?v=Na8KxqmETnw
230. Sensitive information sent via unencrypted channels - https://www.youtube.com/watch?v=21_IYz4npRs
Phase 12 – Business logic vulnerability
231. What is a business logic flaw - https://www.youtube.com/watch?v=ICbvQzva6lE&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI
232. The Difficulties Finding Business Logic Vulnerabilities with Traditional Security Tools -
https://www.youtube.com/watch?v=JTMg0bhkUbo&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=2
233. How To Identify Business Logic Flaws - https://www.youtube.com/watch?v=FJcgfLM4SAY&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=3
234. Business Logic Flaws: Attacker Mindset - https://www.youtube.com/watch?v=Svxh9KSTL3Y&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=4
235. Business Logic Flaws: Dos Attack On Resource -
https://www.youtube.com/watch?v=4S6HWzhmXQk&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=5
236. Business Logic Flaws: Abuse Cases: Information Disclosure -
https://www.youtube.com/watch?v=HrHdUEUwMHk&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=6
10. 237. Business Logic Flaws: Abuse Cases: iPod Repairman Dupes Apple -
https://www.youtube.com/watch?v=8yB_ApVsdhA&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=7
238. Business Logic Flaws: Abuse Cases: Online Auction -
https://www.youtube.com/watch?v=oa_UICCqfbY&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=8
239. Business Logic Flaws: How To Navigate Code Using ShiftLeft Ocular -
https://www.youtube.com/watch?v=hz7IZu6H6oE&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=9
240. Business Logic Security Checks: Data Privacy Compliance -
https://www.youtube.com/watch?v=qX2fyniKUIQ&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=10
241. Business Logic Security Checks: Encryption Compliance -
https://www.youtube.com/watch?v=V8zphJbltDY&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=11
242. Business Logic Security: Enforcement Checks -
https://www.youtube.com/watch?v=5e7qgY_L3UQ&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=12
243. Business Logic Exploits: SQL Injection - https://www.youtube.com/watch?v=hcIysfhA9AA&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=13
244. Business Logic Exploits: Security Misconfiguration -
https://www.youtube.com/watch?v=ppLBtCQcYRk&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=15
245. Business Logic Exploits: Data Leakage - https://www.youtube.com/watch?v=qe0bEvguvbs&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=16
246. Demo 1 - https://www.youtube.com/watch?v=yV7O-QRyOao
247. Demo 2 - https://www.youtube.com/watch?v=mzjTG7pKmQI
248. Demo 3 - https://www.youtube.com/watch?v=A8V_58QZPMs
249. Demo 4 - https://www.youtube.com/watch?v=1pvrEKAFJyk
250. Demo 5 - https://hackerone.com/reports/145745
251. Demo 6 - https://hackerone.com/reports/430854