| AWS |
AWS |
AWS Partner Organization - Meet Donta, Senior Sourcing Recruiter | Amazon Web Services |
https://www.youtube.com/watch?v=qK9K47dLyZM
|
AWS Partner Organization Meet Donta Senior Sourcing Recruiter Amazon Web ServicesThe AWS Partner Organization provides companies across the world with the business technical and marketing support they need to build and scale their companies faster and more cost effectively to better serve AWS customers View open roles at AWS View roles in the Partner Organization Learn about AWS culture Subscribe More AWS videos More AWS events videos ABOUT AWSAmazon Web Services AWS is the world s most comprehensive and broadly adopted cloud platform offering over fully featured services from data centers globally Millions of customers ーincluding the fastest growing startups largest enterprises and leading government agencies ーare using AWS to lower costs become more agile and innovate faster AWS AmazonWebServices CloudComputing |
2022-04-14 17:04:51 |
| AWS |
AWS |
AWS Partner Organization - Meet Ryan, Senior Partner Development | Amazon Web Services |
https://www.youtube.com/watch?v=EREE3HttLKE
|
AWS Partner Organization Meet Ryan Senior Partner Development Amazon Web ServicesThe AWS Partner Organization provides companies across the world with the business technical and marketing support they need to build and scale their companies faster and more cost effectively to better serve AWS customers View open roles at AWS View roles in the Partner Organization Learn about AWS culture Subscribe More AWS videos More AWS events videos ABOUT AWSAmazon Web Services AWS is the world s most comprehensive and broadly adopted cloud platform offering over fully featured services from data centers globally Millions of customers ーincluding the fastest growing startups largest enterprises and leading government agencies ーare using AWS to lower costs become more agile and innovate faster AWS AmazonWebServices CloudComputing |
2022-04-14 17:04:17 |
| AWS |
AWS |
Amazon Leadership Principles, Chris, AWS Director Strategic Alliances | Amazon Web Services |
https://www.youtube.com/watch?v=8G2ToKXDchc
|
Amazon Leadership Principles Chris AWS Director Strategic Alliances Amazon Web ServicesChris is a Director working in the AWS Partner Organization We asked him about one of his favorite topics the Amazon Leadership Principles and this was his passionate response View open roles at AWS View roles in the Partner Organization Learn about AWS culture Subscribe More AWS videos More AWS events videos ABOUT AWSAmazon Web Services AWS is the world s most comprehensive and broadly adopted cloud platform offering over fully featured services from data centers globally Millions of customers ーincluding the fastest growing startups largest enterprises and leading government agencies ーare using AWS to lower costs become more agile and innovate faster AWS AmazonWebServices CloudComputing |
2022-04-14 17:03:43 |
| AWS |
AWS |
AWS Partner Organization - Meet Cynthia, Partner Development Manager | Amazon Web Services |
https://www.youtube.com/watch?v=FduezKS2DBE
|
AWS Partner Organization Meet Cynthia Partner Development Manager Amazon Web ServicesThe AWS Partner Organization provides companies across the world with the business technical and marketing support they need to build and scale their companies faster and more cost effectively to better serve AWS customers View open roles at AWS View roles in the Partner Organization Learn about AWS culture Subscribe More AWS videos More AWS events videos ABOUT AWSAmazon Web Services AWS is the world s most comprehensive and broadly adopted cloud platform offering over fully featured services from data centers globally Millions of customers ーincluding the fastest growing startups largest enterprises and leading government agencies ーare using AWS to lower costs become more agile and innovate faster AWS AmazonWebServices CloudComputing |
2022-04-14 17:03:02 |
| AWS |
AWS |
AWS Partner Organization - Meet Matt, Recruiting Manager | Amazon Web Services |
https://www.youtube.com/watch?v=nxM1FK10xZI
|
AWS Partner Organization Meet Matt Recruiting Manager Amazon Web ServicesThe AWS Partner Organization provides companies across the world with the business technical and marketing support they need to build and scale their companies faster and more cost effectively to better serve AWS customers View open roles at AWS View roles in the Partner Organization Learn about AWS culture Subscribe More AWS videos More AWS events videos ABOUT AWSAmazon Web Services AWS is the world s most comprehensive and broadly adopted cloud platform offering over fully featured services from data centers globally Millions of customers ーincluding the fastest growing startups largest enterprises and leading government agencies ーare using AWS to lower costs become more agile and innovate faster AWS AmazonWebServices CloudComputing |
2022-04-14 17:02:28 |
| AWS |
AWS |
AWS Partner Organization - Meet Anne, Senior Manager | Amazon Web Services |
https://www.youtube.com/watch?v=inon-Y-POV4
|
AWS Partner Organization Meet Anne Senior Manager Amazon Web ServicesThe AWS Partner Organization provides companies across the world with the business technical and marketing support they need to build and scale their companies faster and more cost effectively to better serve AWS customers View open roles at AWS View roles in the Partner Organization Learn about AWS culture Subscribe More AWS videos More AWS events videos ABOUT AWSAmazon Web Services AWS is the world s most comprehensive and broadly adopted cloud platform offering over fully featured services from data centers globally Millions of customers ーincluding the fastest growing startups largest enterprises and leading government agencies ーare using AWS to lower costs become more agile and innovate faster AWS AmazonWebServices CloudComputing |
2022-04-14 17:01:31 |
| js |
JavaScriptタグが付けられた新着投稿 - Qiita |
Screeps:ArenaをTinyGoのWebAssemblyで書こうとして断念した話 |
https://qiita.com/dryphantom/items/d25a3ea548a116369788
|
screepsarena |
2022-04-15 02:37:46 |
| Docker |
dockerタグが付けられた新着投稿 - Qiita |
Screeps:ArenaをTinyGoのWebAssemblyで書こうとして断念した話 |
https://qiita.com/dryphantom/items/d25a3ea548a116369788
|
screepsarena |
2022-04-15 02:37:46 |
| 海外TECH |
MakeUseOf |
9 Paleo Diet Blogs and Websites for Healthy and Delicious Recipes |
https://www.makeuseof.com/paleo-diet-blogs-websites-healthy-delicious-recipes/
|
Paleo Diet Blogs and Websites for Healthy and Delicious RecipesIf the paleo diet s limit to only ancient ingredients seems too restrictive you haven t explored the delicious recipes on these blogs and websites |
2022-04-14 17:30:14 |
| 海外TECH |
MakeUseOf |
How to Install a Backup Camera to Your Vehicle |
https://www.makeuseof.com/how-to-install-a-backup-camera-to-your-vehicle/
|
backup |
2022-04-14 17:15:13 |
| 海外TECH |
MakeUseOf |
Save 30% on Your Language Class With Lingoda's Easter Deal |
https://www.makeuseof.com/lingoda-easter-deal-discount/
|
language |
2022-04-14 17:05:14 |
| 海外TECH |
DEV Community |
React Forms — Formik vs. Hook Form vs. Final Form |
https://dev.to/sm0ke/react-forms-formik-vs-hook-form-vs-final-form-c1e
|
React Forms ーFormik vs Hook Form vs Final FormHello Coders Forms are a crucial part of every application from signing up logging in or collecting a survey from our users Forms may seem simple but they are not This article aims to provide a comparison of the top most used React Forms with pros cons and code samples Formik React Hook Form and React Final Form For newcomers React is a super popular JS library for coding interactive user interfaces baked by Facebook Thanks for reading Content provided by App GeneratorWhy do we need forms Intro to React a short one Formik pros cons and sampleReact Hook Form pros cons and sampleReact Final Form pros cons and sampleConclusions amp ResourcesFree React Sample Berry use Formik Free React Sample Datta Able use Formik Why do we need formsAs mentioned above forms might seem trivial and easy to code but this fact is not true in all cases Forms require validating the information provided by the user and coding multiple forms in different parts of our projects might be time consuming To solve this problem we can use Form Libraries built on top of React released in the open source ecosystem like Formik or React Final Form All mentioned libraries are easy to use and have almost all the functionalities we might need in our projects All we have to do is install and perform a quick setup of our preferred library After that we should be able to code much faster all forms required in the project and spend more time developing the actual business logic for the app What is ReactReact is an open source UI library built and maintained by Facebook React breaks down a big application into smaller pieces called components This component based approach of React makes it more usable and maintainable As you ll see React is not a framework it s a library That means it s not a complete solution New to React Check out this comprehensive React Starting GuideWhen you build an application with react you ll need to use other external libraries to finish the application This approach of React makes it more powerful because you have the freedom to choose whatever library you want for your app Examples of the libraries you might need to use are Axios for HTTP requests Redux for managing states and React router dom for Routing React hook form for building forms Why choose the right Form Library Might be important what form library you choose for your application because some libraries are large and slow and a lot of boilerplate codes or lack of support These issues make using the library difficult For these reasons you have to be picky about the library you choose for your application So without any delay let s dive in and see the pros and cons of the top three React Form Libraries We ll start with Formik FormikFormik is an open source React form library Authored by Jared Palmar Jared built Formik out of frustration when he had to build more than forms for his application He wanted a standard way to build and manage all the forms in his application For this he built Formik This library helps you with the three most annoying but important parts of building forms Getting values in and out of form stateValidation and error messagesHandling form submissionYou can build a form easily with Formik s lt Formik gt lt Form gt lt Field gt and lt ErrorMessage gt components Building a form with Formik is super easy Later In this section I ll show you how to build a form and validate it with Formik Before that let s look at a few pros and cons of Formik Formik ProsDeclarative components k stars on GithubIntegration with popular validation library YupExternal UI Library support Formik Cons dependencies and kB in size Issues on GHNo built in validationA lot of boilerplate code compared to React hook form Now that we ve seen the pros and cons of Formik let s build a simple form with Formik to make it clear Install FormikTo build a form with Formik first we ll have to install it We can do that with these commands npm install formik OR yarn add formikForm Source Codeimport React from react import ReactDOM from react dom import Formik Field Form from formik const Basic gt lt div gt lt h gt Sign Up lt h gt lt Formik initialValues firstName lastName email onSubmit async values gt await new Promise r gt setTimeout r alert JSON stringify values null gt lt Form gt lt label htmlFor firstName gt First Name lt label gt lt Field id firstName name firstName placeholder Jane gt lt label htmlFor lastName gt Last Name lt label gt lt Field id lastName name lastName placeholder Doe gt lt label htmlFor email gt Email lt label gt lt Field id email name email placeholder jane acme com type email gt lt button type submit gt Submit lt button gt lt Form gt lt Formik gt lt div gt ReactDOM render lt Basic gt document getElementById root As you can see it s a simple form We didn t add validation yet I ll do that in the next section To build the Form we called the lt Formik gt component It takes two props initialValues object which defines the initial values of the input fields and onSubmit method which handles form submission As you noticed this form is self declarative That means the code describes what s going on you don t need much effort to understand it Once we have finished the basic form the next step is to add validation and constraint user to input relevant information Form Validation in FormikOne of the reasons to build Formik is to make form validation hassle free Formik supports synchronous and asynchronous Form level and Field level validation It also provides schema based Form level validation through Yup Yup is a very popular form validation library Form level validationField level validationThis is it A complete Form built with Formik For more resources feel free to access React Hook FormReact Hook Form is a form library built around React hooks This library takes a different approach to building Form It isolates component re renders by using uncontrolled components Unlike Formik React Hook Form has zero dependencies And the size is half the size of Formik KB minified gzipped React Hook Form reduces the amount of code you need to write while removing unnecessary re renders To validate forms React hook form uses the standard Html based approach You can build a form with React hook form easily with the useForm hook I ll show you how to do that later in the post But now let s look at a few Pros and Cons of React Hook Form React Hook Form ProsLess boilerplate code Zero dependencyNo issues on Github what kb size minified and gzipped Out of the box integration with UI librariesEmbraces native HTML form validationSupport s Yup form validation React Hook Form ConsYou need to use Yup or Built in form validationInstall React Hook Form npm install react hook form OR npm install react hook form React Hook Form ーSampleimport useForm from react hook form const HookForm gt const register handleSubmit useForm const handleRegistration data gt console log data return lt div gt Hook Form lt form onSubmit handleSubmit handleRegistration gt lt div gt lt label gt Email lt label gt lt input type email name email register email gt lt div gt lt div gt lt label gt Password lt label gt lt input type password name pass register pass gt lt div gt lt button gt Submit lt button gt lt form gt lt div gt The handleSubmit handles the form submission and the register method helps you register an input field into React Hook Form so that it is available for validation and its value can be tracked for changes This is a basic form Now let s look at how you can validate forms with react hook form Form validation in React Hook FormReact Hook Form uses native HTML form validation to validate forms To validate using you pass the validation rules to the register method The validation rules are required indicates if the field is required or not minlength and maxlength set the minimum and maximum length for a string input valuemin and max set the minimum and maximum values for a numerical valuepattern takes a regular expression pattern to test the input Here s an example of how you validate forms in React hook form export default function App return lt form onSubmit handleSubmit onSubmit gt lt input register firstName required true maxLength gt lt input register lastName pattern A Za z i gt lt input type number register age min max gt lt input type submit gt lt form gt As you noticed this is just the initialization of validation We ll need a way to show the error message to the user import React from react import useForm from react hook form export default function App const register formState errors handleSubmit useForm return lt form onSubmit handleSubmit onSubmit gt lt input register firstName required true gt errors firstName type required amp amp First name is required lt input register lastName required true gt errors lastName amp amp Last name is required lt input type submit gt lt form gt For more resources related to React hook form feel free to access Quickstart React Final FormReact Final Form is a thin wrapper around Final Form library It doesn t have any other dependency than the Final Form and the size is really lightweight kb minified and gzipped You can build forms with React Final Form easily using the Form and Field component of React Final Form I ll show you how to do that in a few moments React Final Form ProsRenders only the changed inputsOnly kb minified and gzipped k stars on GithubReact Final Form ConsHas a peer dependency Final Form A lot of boilerplate code issues on GithubInstall React Final Form npm install final form react final form OR yarn final form react final formTo build a form you ll need to import the Form and Field component from react final form Form Sample Source Codeimport Form Field from react final form import React from react import render from react dom import Styles from Styles import Form Field from react final form const sleep ms gt new Promise resolve gt setTimeout resolve ms const onSubmit async values gt await sleep window alert JSON stringify values const App gt lt Styles gt lt h gt React Final Form Simple Example lt h gt lt Form onSubmit onSubmit initialValues firstname lastname render handleSubmit form submitting pristine values gt lt form onSubmit handleSubmit gt lt div gt lt label gt First Name lt label gt lt Field name firstName component input type text placeholder First Name gt lt div gt lt div gt lt label gt Last Name lt label gt lt Field name lastName component input type text placeholder Last Name gt lt div gt lt div className buttons gt lt button type submit disabled submitting pristine gt Submit lt button gt lt button type button onClick form reset disabled submitting pristine gt Reset lt button gt lt div gt lt form gt gt lt Styles gt render lt App gt document getElementById root As you can see this form is almost like the Formik form To build a form the component takes props initialValues handleSubmit and render This is a basic form with React Final Form without validation The validation in React Final Form is provided in two flavors just like FormikForm level validationField level validationBecause the validation code pattern is quite similar to Formik we will skip the samples for now For more information related to React Final Form please access So Which one should you choose Choosing a form library should be dependent on what type of project you are building Still there are a few global points to choosing one library over another After all these comparisons If I start any project right now I ll choose React Hook Form because it has zero dependencies and less boilerplate code compared to React Final Form and Formik Formik and React Final Form make forms complicated while React Hook Form looks cleaner and more intuitive at first look Also the validation provided by React Hook Form uses less code to finish the job At the end of the day feel free to choose Formik or React Final Form for your project It s completely up to your personal preference Sorry for this super long article For those that are still here the next section presents a few React Products that use production ready React Forms React Berry uses Formik Berry is a creative React Dashboard built using the Material UI It is meant to be the best User Experience with highly customizable feature riched pages It is a complete game changer React Dashboard with an easy and intuitive responsive design on retina screens or laptops React Node JS Berry ーproduct pageReact Node JS Berry ーLIVE DemoThe product comes with a simple JWT authentication flow login register logout powered by an open source Node JS API Backend via Passport Library img alt Berry ーOpen Source React Project that uses Formik lt br gt height src dev to uploads s amazonaws com uploads articles bcqijocybkygqwu png width React Datta Able ー uses Formik Datta Able is an open source React Dashboard that provides a colorful and modern design Datta Able React Free is the most stylized React Free Admin Template around all other admin templates in the market React Node Datta Able ーproduct pageReact Node Datta Able ーLIVE Demo |
2022-04-14 17:52:24 |
| 海外TECH |
DEV Community |
Django Tutorial Part 6 -- polls アプリでテーブルの中身を好きな順番で並べる |
https://dev.to/kaede_io/django-tutorial-part-6-polls-no-index-de-questiontext-wobing-beru-1log
|
DjangoTutorialPartpollsアプリでテーブルの中身を好きな順番で並べるwriteviewsthatactuallydosomethingfromdjangoshortcutsimportrenderfromdjangohttpimportHttpResponsefrommodelsimportQuestiondefindexrequestlatestquestionlistQuestionobjectsorderbypubdateoutputjoinqquestiontextforqinlatestquestionlistreturnHttpResponseoutputQuestionテーブルをmodelsからインポートQuestionのobjectsを作成日順につまでに制限して取得するで先ほどのリストを展開したものを連結するadminでみるとQuestinonsまである状態でも最新のからまでつだけ並んだ。 |
2022-04-14 17:50:28 |
| 海外TECH |
DEV Community |
How to Get the URL for Pictures |
https://dev.to/tieje/how-to-get-the-url-for-pictures-30o6
|
How to Get the URL for PicturesIn your favorite search engine type whatever you want a picture of and press Enter Windows or return Mac Left click on the search engine s Image tab Left click on any picture to bring it up Right click the picture for options and left click Copy Image AddressPress ctrl v Windows or Command v Mac to paste the image address wherever you need it |
2022-04-14 17:50:28 |
| 海外TECH |
DEV Community |
Web <=2.0 Apps/Sites are Never Safe to Use |
https://dev.to/suicide/web-20-appssites-are-never-safe-to-use-c98
|
Web lt Apps Sites are Never Safe to UseA bit of a stretch title here but just think about it Almost all of the webapps you are using today are not really safe to use And I am not talking about that everything is somehow hackable like in the movies but actual threats that sneak into your systems Is this Safe From a user perspective he visits your app and gets a somehow valid ssl certificate a green lock in the old days and he matches the URL of you app just to be sure before he interacts with it That is what many sites propagate to users for safety checks But this doesn t cover anything basically and gives the user false trust in your app How does he know that he is actually communicating with your app There could still be a man in the middle attack going on Can the user be sure that your app is not doing something fishy in the background Can you be sure about that So from a user s perspective he just has to trust you as a developer that you are not scamming him There is just no way for him to know with certainty what is happening in your app Malicious code and behaviorDo you know what code you deliver towards your users I don t mean what you intend to deliver but what you actually do Say you have a typical setup you push your change into your git your CI builds tests and deploys your app into your cloud kubernetes cluster Your change is live within a couple of minutes fully tested And you are a paranoid type so you sign your commits only signed commits are build and your container images are also signed and thus only signed containers are being deployed in your ks Sounds great But this is actually quite a long chain of stops for your app where things can go wrong Maybe one of your colleagues is about to get fired and commits some backdoor do you peer review everything Do you actually trust you CI Maybe you have a third party container based CI like GitHub Actions or Gitlab How much do you know about that platform Does your build image contain malicious code Maybe a dependency of yours changes without you realizing and now does some spooky thing is in the background Did you pin that thing And now that weird change is in your signed container image Does your ks cloud provider actually execute your app without changing it And does Cloud Service XYZ not change or read your data Can you actually be sure that there is nothing fishy going on Do you even check for that Verification is keyInstead of trusting your build pipeline you need a way to verify that it is producing valid artifacts One way to do that is by using reproducible builds This way you could do automatic checks with multiple independent pipelines or just sporadic manual checkups by comparing a local build with your CI artifacts This gives you a tool to actually verify that your artifacts weren t tampered with What about your actual runtime Well this gets a bit more tricky Having your app running in a public cloud you never actually know what is going on Self hosting your app might be an option but how do you know that nobody infiltrated your company s network and changed your running app You could build your app as physical hardware like soldering circuits etc but that is just not an option Doing a you could host your app publicly Dynamically having your workloads run on different independent hosters various clouds some server farm on someones server at home Services like Akash Network go in that direction and provide a decentralized cloud platform But from a users perspective only the code and the execution he can verify is safe Meaning any closed source code that runs on some closed network is by definition not safe because he cannot verify it Thus systems like facebook banks government tax apps and pretty much everything is not safe to use and providing any sensitive data to them is kind of dangerous because you do not know what happens with it Looking at your typical web app that hosts is open source system on IPFS and some blockchain the user is actually able to verify the code the build artifacts and the execution Thus such system is safe r to use if the user does his homework by actually verifying and if we ignore bugs and security issues in the code for this argument ConclusionToday basically all major apps we use are closed source and run behind closed doors Users and developers do not actually know what is going on in there and the less information we have about an app the less we can trust that it is doing what it is supposed to do Openness is essential for users and developers to verify an app in its code and its execution With the public becoming more aware of software supply chain issues and security vulnerabilities developers need to take measures to increase trust in their applications And trust is best created by verifying at least in software |
2022-04-14 17:48:46 |
| 海外TECH |
DEV Community |
What are simple tools for creating a standalone API-only service? |
https://dev.to/ben/what-are-simple-tools-for-creating-a-standalone-api-only-service-4gio
|
What are simple tools for creating a standalone API only service I doubt there is one correct answer as this is going to depend on language preferences whether the service is offered by a company you might already have an account with etc But I d love any and all opinions on this subject |
2022-04-14 17:48:45 |
| 海外TECH |
DEV Community |
An OpenAPI-first Ingress Controller for Kubernetes - Kusk Gateway |
https://dev.to/kubeshop/an-openapi-first-ingress-controller-for-kubernetes-kusk-gateway-2a49
|
An OpenAPI first Ingress Controller for Kubernetes Kusk Gateway IntroductionThe OpenAPI specification has become ubiquitous in the modern world of developing APIs It is a great way to describe and document your API A major benefit of OpenAPI is that it is machine readable i e software can be written that can “do stuff based on the content of your OpenAPI definition Take for example SwaggerUI which provides a nice user interface where developers can test and become familiar with your API or openapi generator that can generate clients and servers from your OpenAPI definition What if we took advantage of the machine readability of OpenAPI and had a machine configure your Kubernetes cluster for your API based on the contents of its OpenAPI definition Current state of the worldCurrently to expose your API in Kubernetes you need to write Ingress resources Ingress is made up of routing rules that define how and where traffic is forwarded to your services or a contract if you will In addition to your Ingress resources you need an ingress controller to update the state of the cluster to allow traffic to reach your applications based on your ingress configurationThe problem with traditional ingress controllers is that they can be hard to learn and manage Each has their own feature set and uses their own resource formats that need to be learned This is a difficult hurdle for those just starting out with Kubernetes Another issue that we contend with is getting a full picture of our application configuration Ingress configurations like it or not are part of it Some Ingress controllers may have parts of their configuration spread across multiple resources meaning that all of them have to be fetched This issue is made worse when you factor in quality of service configuration such as timeouts and retries which could also be their own resources What about in a microservice architecture A single OpenAPI specification describes an API that could be made of multiple microservices However the ingress configuration requires dedicated Kubernetes resources Instead a better way would be to have a single pane of glass view of the app s configuration The OpenAPI specification itself is the perfect way to achieve this OpenAPI already contains most of the information that you must specify in an Ingress configuration OpenAPI is extensibile via extension annotations and given the ubiquity of OpenAPI we can be confident in saying that API developers are comfortable with this format We at Kubeshop believe that OpenAPI should be enough to configure your application s ingress This prevents repeating yourself by redefining information already in your OpenAPI specification in Ingress resources This also prevents needing to learn how to write Ingress resources The Kusk solution an Ingress Controller that understands OpenAPI We decided to address these issues by creating an Ingress controller that understands OpenAPI Kusk Gateway All of the configuration you would keep in Ingress resources can now be kept in a single place your OpenAPI definition providing that single pane of glass configuration for your API thanks to our x kusk extension Under the hood Kusk Gateway is powered by Envoy Proxy a battle tested and production ready proxy that routes traffic to services defined in your OpenAPI specification This approach provides a number of benefits You don t have to learn new configuration format s and create corresponding configurations for deploying your API under KubernetesYour OpenAPI definition becomes the source of truth for both functional and QoS deployment aspects of your API instead of this information being spread out over multiple filesYou can rapidly iterate on your API without having to require DevOps resources Kusk gateway will automatically re configure itself as the OpenAPI definition evolves with each iterationYou don t have to write boilerplate code that Kusk Gateway can provide out of the box based on the OpenAPI definition request validation mocking metrics analytics security etc And something that benefits you that we would love to hear about Kusk Gateway Alpha is now available on GitHub Despite being in alpha has quite a lot of things going for it Automatically configure routing to your APIs using your OpenAPI definitionBy embedding your OpenAPI spec in a Kusk Gateway API Custom Resource applying it just like any other Kubernetes resource is all that s required to fully configure routing to your API For more information read our official API resource documentation Configure Quality of Service and CORS settings from within OpenAPIUsing our supported annotation you can configure quality of service settings such as retries and timeouts as well as configuring CORS within your OpenAPI specification For more information read our official CORS documentationSupport for routing to static resources such as CSS and JavascriptTo facilitate the serving of static content with your APIs we have a custom resource for routing to these also For more information read our official static resource documentation Closing RemarksWe dare to say that the alpha release of Kusk Gateway is mature and stable enough for local development and evaluation As we close gaps and add more features over the coming weeks hopefully based on your feedback we aim to release a production ready version early next year Configuring and enjoying the powerful benefits of Ingress in Kubernetes shouldn t be as cumbersome as it can be Let Kusk Gateway do the heavy lifting for you so you can focus on what matters your application If Kusk Gateway has piqued your interest we would love to hear your feedback either in the form of an issue on Github linked below or a direct message on our Discord Server also linked below and if you would like to help us evolve Kusk Gateway we accept all contributions with open arms whether that be documentation improvements a bug fix or even whole features Check out the Github repo and full documentation to learn more about Kusk Gateway and download the alpha Leave a star on the repo to stay updated on new features and improvements Join our Discord community to connect with others and get support |
2022-04-14 17:44:26 |
| 海外TECH |
DEV Community |
[Parte 9] ASP.NET Core: Logging con Serilog |
https://dev.to/isaacojeda/parte-9-aspnet-core-logging-con-serilog-48o4
|
Parte ASP NET Core Logging con Serilog ¿Quées el Logging El Logging son bitácoras del comportamiento del sistema que se persisten en algún lado o se pueden visualizar en alguna interfaz No suele darse importancia al logging pero cuando los problemas comienzan a salir en un sistema en producción lo primero a lo que recurres son los logs Tener logs bien estructurados y con información útil suelen salvar el trasero de muchos El logging tiene muchos propósitos pero principalmente nos ayuda a investigar las causas raíces de los problemas que suceden en el sistema analizar bugs y revisar problemas de rendimiento y hasta para auditar un sistema ASP NET Core ya cuenta con un sistema de logging el cual por default estáconfigurado para mandar logs a consola a event logs de windows y entre otros esto se configura por default en el HostBuilder Pero para irnos más lejos de solo logs en consola se necesita más configuración y esfuerzo Para esto viene Serilog es una herramienta que nos ayuda a no reinventar la rueda El código siempre lo encontrarás en mi GitHub ¿Quées Serilog Serilog es una herramienta que nos permite hacer logs para diagnostico que se pueden guardar en archivos mostrarse en consola y muchas otras opciones Es muy fácil de configurar y tiene una API muy limpia y se puede usar en distintas versiones de NET sin problemas A diferencia de otras librerías los parámetros pasados en los logs no son convertidos a texto sino que su estructura es conservada y nos permite ver de forma muy efectiva los valores de los objetos y dependiendo en donde guardamos los logs podremos conservar sus estructuras e incluso hacer búsquedas No se hace log de texto se hace log de datos Para sacar jugo de Serilog debemos de usar message templates esto implica no solo concatenar texto de hecho no debes de concatenar strings al hacer logs Nota Este vídeo explica lo que acabo de decir Un message template podría ser de esta forma var input new Latitude Longitude var time log Information Processed SensorInput in TimeMS ms input time Obtendremos este resultado en consola Information Processed Latitude Longitude in ms El operador que estáen SensorInput le dice a Serilog que mantenga la estructura del objeto que se pasa ahí Si esto es omitido serilog mandaráa llamar el método ToString para mostrar el valor de dicho objeto Este ejemplo cuenta con dos propiedades SensorInput y TimeMS Estos se guardarán en el log event y no solo como un texto que vemos en la consola Las propiedades capturadas en formato JSON se podrán visualizar así SensorInput Latitude Longitude TimeMS SinksLa segunda cosa importante de utilizar Serilog son los Sinks Los sinks son aquellos lugares en donde podemos decirle a Serilog que guarde los logs Pueden ser archivos en JSON pueden ser registros en una base de datos eventos en un Application Insights este y entre muchas cosas Por eso es importante usar Message Templates porque tal vez en consola no podemos ver mucha información pero cuando se guarda la información en un lugar como Elastic Search podemos hacer búsquedas por usuario por tipo de operación que hizo y entre otros Serilog también es una alternativa al uso de Audit NET que expliquéen otro post La idea es aprender de las alternativas que tenemos al usar ASP NET Guardar los logs en un Application Insights es super útil ya que AI te ayuda a agrupar los logs según los requests y operaciones que se hacen en tu Web API Hacer el tracing de esa información es super útil al estar diagnosticando tu aplicación cuando falla o tiene problemas de rendimiento Un ejemplo de cómo se ve un log generado con Serilog y mandado a Application Insights Puse en rojo mi Message template pero a Serilog le indiquéque agreguémás propiedades al Log Event Aunque yo no los vea en consola en los Sinks los podremos ver Configurando Serilog en MediatRExampleComo lo puedes ver esta es la parte de una serie de publicaciones Todo enfocado a ASP NET Core y temas que considero todos deberíamos saber Primero empezaremos instalando Serilog para ASP NET Core en Web API dotnet add package Serilog AspNetCorePor default aquívendráincluido el Sink para mandar los logs a consola pero si necesitas cualquier Sink diferente deberás buscar en Github como configurarlo Agregando Serilog a Program csLa configuración es muy sencilla porque se integrarátotalmente con ILogger lt T gt que ya hemos estado usando todo el tiempo Solo en Program cs hacemos lo siguiente código omitidovar builder WebApplication CreateBuilder args builder Host UseSerilog Log Logger new LoggerConfiguration MinimumLevel Override Microsoft LogEventLevel Warning Enrich FromLogContext WriteTo Console CreateLogger código omitidotry Log Information Iniciando Web API await SeedProducts Log Information Corriendo en Log Information https localhost Log Information http localhost app Run catch Exception ex Log Fatal ex Host terminated unexpectedly return finally Log CloseAndFlush código omitidoAquíla sección Log de appsettings json la podemos borrar ya que no se usará El Message Template que tengo en el AuditLogBehavior es logger LogInformation RequetsName User with request Request typeof TRequest Name currentUserService User Id request Y al correr la aplicación se veráde la siguiente manera Y si queremos guardar los logs en un archivo en el mismo Web Server que sirve como para consultarlos en tiempo real si usamos Azure hacemos lo siguiente en Program cs Log Logger new LoggerConfiguration MinimumLevel Override Microsoft LogEventLevel Warning Enrich FromLogContext WriteTo Console WriteTo File log txt rollingInterval RollingInterval Day lt CreateLogger Con esto si corremos la aplicación se crearán archivos txt con el nombre log yyyyMMdd txt en la raiz del proyecto y con el siguiente contenido INF Iniciando Web API INF Corriendo en INF https localhost INF http localhost INF CreateProductCommand aa f ed bebb with request Description New Product Price type CreateProductCommand INF CreateProductCommand aa f ed bebb with request Description New Product Price type CreateProductCommand INF CreateProductCommand aa f ed bebb with request Description New Product Price type CreateProductCommand INF CreateProductCommand aa f ed bebb with request Description New Product Price type CreateProductCommand INF CreateProductCommand aa f ed bebb with request Description New Product Price type CreateProductCommand INF CreateProductCommand aa f ed bebb with request Description New Product Price type CreateProductCommand INF CreateProductCommand aa f ed bebb with request Description New Product Price type CreateProductCommand WriteTo File tiene más opciones de configuración Les recuerdo hay Sinks para todo tipo de persistencia Y te preguntarás al final ¿para quésirve todo esto La respuesta corta es Diagnosticar Cuando algo pasa en tu aplicación sabes aproximadamente cuando sucedió lo único que puedes hacer es ir a ver los logs y revisar que hizo el usuario para que tronara la aplicación El sink de archivos es algo útil pero es más útil si usamos sinks como de Elastic Search o Application Insights Permitir búsqueda y hacer Tracing de los Requests de tu aplicación es un sío síque debes de tener en producción Nota Puedes visitar Github para ver todos los sinks disponibles ConclusiónEl Logging y Tracing son temas que nos deben de interesar Aunque solo hemos visto como crear Logs y mandarlos a un Sink de archivos y a Consola de aquípuedes investigar más y revisar que cumple las necesidades de tu proyecto Como siempre cualquier pregunta no dudes en buscarme en mi twitter en balunatic Referenciasserilog serilog aspnetcore Githubserilog serilog GithubUltimate Guid to Logging |
2022-04-14 17:42:34 |
| 海外TECH |
DEV Community |
Profiling Machine Learning Using Graphsignal |
https://dev.to/dmelikyan/profiling-machine-learning-using-graphsignal-1aao
|
Profiling Machine Learning Using GraphsignalGraphsignal is a machine learning profiler that helps data scientists and ML engineers understand benchmark and analyze model training and inference to make it faster and computationally efficient By adding a few lines of code to machine learning notebooks scripts or applications Graphsignal automatically profiles TensorFlow Keras PyTorch Hugging Face and other frameworks To add the profiler simply install and import the Python module and configure it by providing an API key and workload name Get the API key by signing up for a free account Finally register the profiler callback or use profile functions depending on the framework Here is a minimal example for Keras framework Import Graphsignal modulesimport graphsignalfrom graphsignal profilers keras import GraphsignalCallback Configuregraphsignal configure api key my key workload name training example Add profiler callbackmodel fit callbacks GraphsignalCallback You can find more information on other integrations in the Docs After starting the run the profiles are automatically recorded and available for analysis in the cloud dashboard for each run or experiment where some basic statistics such as batch time batch rate GPU memory and utilization can be compared Opening a profile allows you to see much more detailed information about a particular phase of the run A profile includes a performance summary detailed information about the run environment training or inference speed Compute resources utilization Also operation and kernel level statistics which are instrumental for understanding where exactly the most time and compute are spent For example in this case we can see that most of the time is spent on data input operations so optimizing those may result in significant speed gains To see how runs perform over time use Metrics dashboard Add Graphsignal to all your ML workloads that are run manually or executed periodically in ML pipelines and enable constant team access to automatically recorded profiles and metrics at any time As you have seen trying it out is easy see Quick Start Guide for instructions or learn more at graphsignal com |
2022-04-14 17:26:21 |
| 海外TECH |
DEV Community |
10 Unrevealed NFT Trends: How Crypto Millionaires Are Driving a Boom in the Digital Art Market |
https://dev.to/amitbiwaal/unrevealed-nft-trends-2ihp
|
Unrevealed NFT Trends How Crypto Millionaires Are Driving a Boom in the Digital Art Market was the year of the NFT Non fungible tokens NFTs are being used in a wide range of industries including gaming banking art and medicine thanks to the strong community supporting the technology NFTs have nearly limitless applications NFTs may be required for all purchases in ten years according to some Some people believe that legal documents will be replaced by smart contracts Even while many people believe NFTs are a passing fad or niche technology major companies like Meta previously Facebook Twitter Reddit and Visa are keeping an eye on the NFT trend and making plans to take advantage of it when it takes off Hottest NFT Trends to Watch in NFT GamingGamers love NFTs because of their use in NFTs The use of NFTs in video games can enhance the player s overall gaming experience Virtual assets and bosses for example can be fought over and rewards can be accrued for conquering the latter More than Axie Infinity substitutes and rivals To produce and trade unique digital assets NFT Gaming has built in tools that don t require complicated smart contracts or several exchanges Using NFT Gaming you d be able to move your crypto collectables between games and platforms with ease It s not over yet There may also be a defined entrance cost for each game with the proceeds going back to the prize pool which could be utilised to pique interest in a new game while simultaneously providing players with other methods to earn points and rewards to keep them engaged In light of the rise of virtual and augmented reality the Metaverse etc this could be a game changer and one of the fastest way to make a day easily NFT CollectiblesNFT collectibles may be the most widespread type of NFT at the moment and a fad that s sweeping the internet Digital assets can be used to verify ownership in addition to giving a new way to collect and exhibit objects This might be used to keep rare objects out of the hands of fraudsters while still allowing collectors exclusive access Artists may simply protect their identity and ownership of their work by using this technology to ensure that the world knows who created it The value of artistic content and NFTs has recently risen dramatically as a result of this with some creators earning millions of dollars on a single original work NFT Real EstateNFTs can also be used in the real estate industry which is a novel use case Blockchain technology can be used to build a new sort of property registry that employs NFTs as proof of ownership Allowing consumers to buy sell or lease homes without the need for a third party intermediary would result in lower transaction costs and shorter timeframes NFT MarketplacesNFTs can be found in a variety of venues but marketplaces are one of the most visible While blockchain based marketplaces provide a safe means to buy or sell items they can significantly lower transaction fees Customers and merchants may be able to interact more directly in the future which could change the way we purchase online forever NFT IdentityUsing NFTs to prove and securely transfer ownership has already been discussed Their ability to store and verify identity makes them ideal for a range of applications that might include borderless travel and KYC verification as well as hosting decentralised government services NFT technology can be used in a wide variety of ways in this domain because the entire objective of the technology is to verify something s authenticity and identification might very much be a component of that NFT AvatarsIn addition to collections NFTs may be utilised to produce new kinds of digital assets Avatars are digital representations of real people each with a distinct set of characteristics that determine how they act and perform in video games Using NFT avatars instead of standard online banking procedures could be the next generation of internet user interfaces NFT Messaging AppsWith NFTs a blockchain based version of Snapchat s self destructing messages is now a real possibility for blockchain based secure communications If you want your messages to vanish into thin air with no traces left behind this is a fantastic solution but still have an audit trail Apps that allow you to communicate with other users without revealing your phone number could potentially be used If you don t want others to know your phone number or if you need to contact someone you don t know this is an excellent choice Additionally NFT messaging apps are ideal for organisations that need to communicate with customers but don t want to collect their customers personal information NFT WalletsIt s crucial to have a safe place to keep NFTs as they grow more popular In this case NFT wallets come to the rescue Password protection and encrypted backups are also standard features in these wallets A user friendly interface designed exclusively for NFTs makes it simple to manage your assets They have advantages over other forms of cryptocurrency wallets in several ways For example they make things easier to use and provide better security As a bonus NFT wallets may be used to store numerous cryptocurrencies in one place making it easier for users to manage their finances NFT wallets are frequently open source allowing anybody can view and make changes to the source code As a result they are able to better manage their finances and make their transactions more transparent For those who want to store their digital assets safely NFT wallets offer many advantages over other types of cryptocurrency wallets says Nelson Smith a business writer for Britstudent and Nextcoursework NFT Credit CardsOne of the most interesting possibilities for NFTs is their ability to disrupt the current credit card system An NFT based credit card could be made possible with the help of blockchain technology Using digital assets as collateral for loans would allow people to borrow money more securely and efficiently Cards from NFT are no different from any other type of credit card Purchases in stores or online can be made as well as cash withdrawals from ATMs Traditional credit cards and NFT credit cards both have their advantages and disadvantages To use NFT credit cards you must have a blockchain wallet As a result all of your transactions and credit card details are kept safe and secure on the distributed ledger Set up alerts to warn you of any transactions such as a purchase or an ATM withdrawal Using NFT credit cards gives you access to far more information than using a standard credit card would For example you ll be able to keep track of every transaction made with your credit card as well as the fees connected with those transactions Regardless of your location you may easily access this data because it is saved on the blockchain ensuring the highest level of security NFT StreamingNFT streaming enables the real time delivery of digital assets Live auctions gaming and voting might all benefit from this technology Imagine being able to follow an auction live or place a wager on a game while it s happening You may also stream content from your computer to any device without first downloading the complete file Because it doesn t take up space on your phone or tablet it s ideal for watching movies or listening to music on the go You may watch videos stored on Dropbox or Google Drive using NFT streaming which also works with online storage providers As a bonus you can stream new episodes of your favorite shows before they are available in DVD or iTunes purchases making it easy to stay up to date |
2022-04-14 17:22:55 |
| 海外TECH |
DEV Community |
n-days of hacking - This is the best way to eat popcorn |
https://dev.to/dr4la/n-days-of-hacking-this-is-the-best-way-to-eat-popcorn-2eh3
|
n days of hacking This is the best way to eat popcorn How I discovered Ippsec and online cybersecurity training platformsI am blogging about my pentesting voyage because it helps me to learn better It keeps my information scope in control When one begins to immerse oneself into a field one tends to jump back and forth into various interesting rabbit holes And hacking has many of those all pretty and sweet At the same time the art of hacking is also being able to see through many many of those holes and find the way in There are so many details and areas so good repetitive practice and documenting thinking through builds motivation and most important inspirationLet me introduce my self briefly and the methodology that I will use I have been tinkering with my linux boxes Archlinux btw debians and lately NixOS mostly for more than a decade My first linux was Slackware It seems like ancient history to me honestly I don t work in IT I am a professional classical guitarist and educator but always since my youth have I have felt drawn to computers and linux Lately I have been learning Haskell and functional programming because it feels mind expanding but I kinda gave that up being overwhelmed with functors and monads at the same time being a parent and having a regular job in a local music school Not to say functional programming did not actually help me in so many ways like when I see some code now the way I think about it has changed type oriented thinking helps in seeing how things compose together I say a regular job because I am not too happy with it Its kind of a straight jacket This year I have been learning about NixOS declarative linux distribution which is completely configured with nix expressions There in a single source of truth the configuration nix file and you can roll back and forth from generation to generation basically you can have many versions of the same program on the same system and nothing gets corrupted I am no programmer and have not written any kind of program except the most basic ones I often read and copy paste too much and enjoy exploring various rabbit holes like category theory taking a bite too big to swallow I love reading things I don t know about I wonder if that is some kind of imposter syndrome reverse shell I am familiar with various infosec terminology though in the sense that I do know what nmap does what TCP IP means I even used to read phrack issues from time to time I spent much time reading all kinds of posts deep diving on hackernews and on and so on After ten years sometimes I feel I don t know much just a bunch of very wide lateral surface like knowledge Not much has been put into actual deep practice Since most of these things I don t really use or practice variations upon a theme I tend to forget them after a while I am aware I might sound like a complete mess but I feel I am a hacker at heart I do care for user experience and imagine a world where interacting with computers is well more interactive I used to play armagetronad game very well but after noticing my cortisol levels reaching up and wide I stopped suddenly and never played any games after it I was good at it But I thought about a gamified learning experience often and Imagined how the future of work are virtual gamified platforms This is where Hack the Box blew my mind with it s gamified hacking platform a place where one can so to say have the cake and eat it too where one can learn by doing where one can play and learn at the same time and be a part a kind and receptive community of hackers I recently finished watching the amazing Mr Robot series on Netflix Elliot can move through the networks and do all kinds of hacks which inspired me to think more about security and the actions of a user and read bits on security here and there But there is something else too A hacker is somehow flexible and creative and has a superior control over his digital senses He can break in he can modify all kinds of files noticing the patterns and knowing how even a tiny change in the code might change the complete state of the system and all that is visible in the real world too He can write an exploit a work of art whose sole purpose is to deliver a payload that will somehow bring the system to its knees It is sci fi at its purest I discovered HackTheBox platform and Ippsec walkthroughs Ippsec is the famous HackTheBox player who also made many almost and counting video explanations of the boxes he breached He works now for HTB and continues to work on new boxes and doing all kinds of interesting work I read about him and how many people even call him a legend That is inspiring I was instantly hooked and blown away into million bits as if Rinzler himself threw that disc at me He seems like a really nice guy and you can sense his love and enthusiasm when he talks He is humble too which is an amazing quality to experience when listening to an educator It helps one progress faster and removes many mental afflictions that may appear along the way Speaking as an educator myself having someone like that helps immensely since he is not pulling you into his own afflictions but allowing you to grow as an artist as a person Actually seeing someone moving like that and talking back and forth about the possible attacks and defenses made all the difference for me too Somehow the static images of hacking pages turned into a movie and seeing this movie opened my eyes to the true beauty of hacking I actually did buy the famous book Hacking The Art of Exploitation back in but unfortunately I never read that book it seemed too hard too low level for me at that time which is too bad since it looks like a great book I needed my Ippsec But have no regrets HackTheBox is here to stay and there has never been better time to learn hacking Isn t that amazing Wait how amazing is that Seeing Ippsec kindled that flame again and realizing you could hack all kinds of real boxes on a private virtual network with other players seemed so super exciting and again mind blowing But it s not just that It is amazing to see how someone moves around the network While before I would read much and like statically configure something on my system a hacker actually moves around the network and computers like USS Discovery That is the inspiration I guess I was missing Yes watching Ippsec is inspiring to say the least It motivates you to learn about buffer overflows and php filters You realize the shell commands are like various senses of a user and editing the code files is like search and replace actions as if teleporting your actions into the distance of the digital grid you automate them invoke reverse shells that connect to you and oh so many other goodies Let s pop the corn ippsec popcornSo first I just watch the Ippsec popcorn video couple times and write a couple of notes here and there not too many since I first want to listen to the way Ippsec speaks and the flow of it Stuff like the php script into png file conversion eludes me the first time but by the next time I understand the idea of adding the beginning magic bytes from another legitimate file to the script so that the linux file command recognizes the script as a normal file Looks hard at first but then it does get much easier Now watching it for the third time I am carefully stopping after each phrase and googling everything Ippsec is saying I do know what is nmap and php and png and what it means to get a reverse shell but of course I have no idea how to do all these things I am like a hacker impostor I can follow the conversation but I have no actual idea what is happening I can only fake it but that s a beginning too ppsec begins connecting to the virtual network with tmux which is a terminal multiplexer He fires it up with a commandtmux new s HTBNow this is a very nifty program and I am only briefly familiar with it from my xmonad days In a tmux session you can open multiple terminal windows inside tmux so in a way it is like a tiling window manager but just for the terminal window Nice and important feature of tmux is that the session is persistent which means that if you do get disconnected from the server the program on the server will keep running I still don t know the full implication on this but let s go on There is also a new multiplexer called zellij written in Rust which is a modal multiplexer and visually it also seems really nice to try it out Zellij shows the commands in the bottom pane which is more user friendly than the tmux way So I install rustup and then zellij curl proto https tlsv sSf sh cargo install zellijIppsec taks about the importance of being organized Very first thing to do is find a way to stay organized I just created a folder called boxes and labeled the hostname of each box This one is called popcornI have been first using emacs with org mode and then switched to notion so I am actually using notion right now to write this which has a really nice mobile app too but now I am also looking at obsidian too which has this temporal mapping and visual network of things you learn In any case making good notes is very important It makes all the difference when one is learning One is repeating what one learns formulating it in a variety of ways thus going deeper into what one learns It is extremely important The next thing after taking notes is actually writing write ups blogging and streaming about what one learns This helps in connecting with the community which then helps in building motivation and persistence Again really important to take notes And the level of expertise is not important even more so I wish there are more noobs documenting in detail how they go through these things There is much to learn from that Again user experience and how one learns It will help more people to learn IT Ippsec begins the reconnaissance phase with a nmap scan with options sV for version sC to run safe scripts against it it may be redundant to run both of these but I always do it out of habit I put oA formats because I don t know if I want to use the grepable format the regular format or the xml It might as well give me all The first thing he does is he goes to the in the browser and gets the standard Apache server page it works I have no idea what nmap can actually do Ok so nmap is something called a port scanner A port scanner is usually used in the initial phase of reconnaissance It enumerates or tells you information about the system or the networks you re scanning nmap is like the eyes through which you can see what is happening around you what things or systems are doing on the network what doors or ports are open or closed how many there are but also which kind of systems are running behind these doors It seems it is easy to begin with nmap but there is a lot of depth to it too I take the note to myself to do the corresponding courses on nmap on HackTheBox and TryHackMe and skim through the freely available nmap book by its original coder Fyodor Again nmap seems like a huge time investment in itself but for now maybe let s continue and learn just the basics So my very first step is I turn on my burp proxy and we are going to refresh this and I am going to change this host to be the domain name of the server Host popcorn htb and I do this just because of something called virtual host routing The server is going to look at this header that I sent and if it s set up as virtual host routing it will read this and potentially service to a different location Not the case here Ippsec is using the professional burp license and as I learn the community one which is free has some limitations I am wondering if these limitations will get in the way when attacking a single box on hackthebox or these limitations are appearing when attacking web applications with potentially several domains across the network What are the limitations when using it for just a single web application on the hackthebox network And I google alternatives such as open source tool ZAP ZAP seems like a similar program so I would like to try to learn the basics of ZAP too Update I found this really nice and on point video from John Hammond where he explains the basics of burp and setting the DVWA application using a docker container It is a really nice down to earth video and one of the best The other source would be hackersploit videos on burp on youtube Burpsuite BasicsSo the next step is I am going to run dirb against it you can use wwwfuzz dirbuster there are a lot of programs you can run I just run dirb dirb http r o tmp dirb r is going to make it so it doesn t go into recursive mode and o saves it as output Now what is actually dirb and what does it do DIRB is a Web Content Scanner It looks for existing and or hidden Web Objects It basically works by launching a dictionary based attack against a web server and analyzing the responses Now Ippsec turned off the reverse search this time because it would attack each subfolder of every folder and so on and so on That s recursion So it would take much time Apparently this was not needed in this case but I learned what an recursive attack means This is something familiar from Haskell The output of dirb shows different pages on the server We have a CODE SIZE It may be useful we may wanna dirb this to see if there is any cgi scripts We have index index html server status test is interesting Let s open up test and we probably have to turn intercept off and we get the php info page This tells us a bunch of information about the server most importantly it shows us where php scripts are cached so if we have a local file inclusion we may be able to chain some of the knowledge gained from this to give us code execution So we ll keep that in our pocket in case it s useful We also see a torrent link so I click this and see what this is We do have an application a torrent hoster So my first step is I generally always and I say generally because I didn t do it here but I run searchsploit against the app searchsploit is going to search exploitdb but it s all local so it goes really fast And we do see one remote upload exploitI will have to finish the blogpost here for now and continue next time I would like to blog more often than waiting for something to be finished This took me couple of weeks and juggling between family obligations and work and hacking is hard Next time I am going to continue commenting the popcorn and eventually popping it myself In the mean time I am studying burp then setting up my virtual lab with metasploitable and learning more about linux text processing tools Being quick on the command line and learning to filter files taking into account permissions users wildcards and regex is something I need to work on I have watched the next two boxes from Ippsec One is October and that one seems hard for me to understand since I don t know anything about buffer overflows The Arctic seemed easier but it was a windows machine and Ippsec used metasploit So there is much learning to come I am happy and super excited about this Until soon Tron popcorn |
2022-04-14 17:09:48 |
| 海外TECH |
DEV Community |
Golang: Structs |
https://dev.to/mr_destructive/golang-structs-bk8
|
Golang Structs IntroductionMoving on to the th part of the series we will be understanding structs in golang Structs are an important aspect of programming in Golang they provide a way to define custom types and add functionality to them We will be understanding the basics of operating on structs like declaration initialization and adding functional logic into those structs Structs in GolangStructs or Structures in Golang are the sequences or collections of built in data types as a single type interface Just like we have int string float and complex we can define our own data types in golang They can consist of built in data types as mentioned and also certain functions or methods which can be used to operate on them Using structs we can create custom data types that can meet the specific requirements of our problem We can define structs and later inside functions we can create instances of those structures Structures are like a template or blueprint representation of data It doesn t hold the actual data in memory it is just used to construct an object of that type After defining a struct we can create instances or objects of those structs These instances actually hold data in memory in the run time so we basically deal with objects in the actual program We ll see certain concepts of creating instances declaring and defining structs accessing data from instances and so on in the following section of the article Struct Class Template Structure for creating custom data types Properties variables and constants defined inside a structure Methods functions that are bound to a struct Declaring StructWe can declare structs by using the keyword type followed by the name of the struct after tha name the struct keyword itself and finally sets of parenthesis Inside the parenthesis we define the structure i e which type of data is to be stored and the name of those respective variables type Article struct title string is published bool words int We have declared a struct or a custom data type or a class not really in golang with the name Article that has few associated properties variables inside of it We have title as a string is published as a boolean and words as an integer value This constructs a simple type of golang which has a defined structure We can further use this Article struct as a data type in the main function or any appropriate scope for actually assigning the structure memory at runtime Struct Naming ConventionThere are a few things that we need to understand and make a note of especially the naming convention The struct name should be capitalized if you want to make it publicly accessible The variable properties names i e title is published and words should be also capitalized if you want to make them accessible from the struct instance This might not be important right now but it is worth knowing for later use cases Let s say we want to use a struct from other files or modules for that the name of the struct in the file script where the struct is defined should have the Capitalized convention If you have a simple and single file script program you can keep it lowercased or camelCased Leaving that aside for now we will try to focus on the essence of the structs in golang Creating Instances Objects of StructsNow after defining the struct we need to create instances or objects of them This can be done in several ways like using Struct literal Manual assignment and using the new function We ll look into each of them in this section Using struct literalThe most simplest and straightforward way to initialize a struct is to use the struct literal just like we did with Maps Slices and Arrays We basically parse the values of the respective fields in the struct package mainimport fmt type article struct title string is published bool words int func main golang article Golang Intro true fmt Println golang go run struct go Golang Intro true We have created the object or instance of the struct Article using the shorthand notation or the walrus operator Inside the braces we can assign values but those values need to be in the same order as defined in the struct definition else it gives a compilation error of type mismatch So here we have assigned the value title is published and word as Golang Intro true and respective in that order Using Key value pairsWe can also use the key value notation for assigning values in the instance With the previous method we need to specify and thus initialize all the properties at once but using this method we have a bit more flexibility vim Article title Vim Keymapping is published false fmt Println vim go run struct go Vim Keymapping false Here we have provided the key i e the variable name inside the struct and then provided the value to it separated by a colon Using this way of initializing instances of struct we have better control and flexibility in providing a default value for that object In the example above we didn t initialize the property words but it already initialized to since the object is created hence the memory allocation is completed and thereby it needs to have a default value Using the new functionWe can use the new function to create a new instance of a struct Though we can t provide an initial value using the new function all the properties are initialized with their respective default values Further if we want to modify the values we can access each property variables in struct using the dot operator and assign the desired values django new Article fmt Println django go run struct go false We have used the new function to allocate memory for an instance of struct with the provided name This function basically allocates all the properties of a default value and returns a pointer to that memory address If we store the result of the new function in a variable object we would get a pointer but we need the object itself so we use before the new function so as to de reference the memory address from the pointer So we have stored the default values in the newly created object of Article structure in django this gives the default values like an empty string default boolean value false and default integer value If we don t dereference the pointer and use it like djagno new Article thereby we get a pointer in that variable as amp false Hence we use before the new keyword Accessing Assigning values to propertiesWe can now change the values of the properties in the object of the struct using the dot operator We basically use the instance object name followed by a and the property name to set its value django new Article fmt Println django django title Django View and URLs django words django is published truefmt Println django go run struct go false Django View and URLs true So here we have used the object name which is django and access any property by name with the dot operator thereby we set the value as per the requirement Note we have not used the operator as the properties have already been initialized we simply need to modify the default value Creating Functions associated to StructsWe can now move into creating functions in the struct by adding functions methods in structs we can incorporate a lot of functionality into the structure of our data type For instance we can set the value of a string as Empty or NA beforehand rather than empty string package mainimport fmt type Mail struct sender string subject string sent bool word count int func m Mail check spam if m subject fmt Println Spam else fmt Println Safe func main mail one new Mail fmt Printf Mail one mail one check spam mail two Mail xyz xyz com Golang Structs true fmt Printf Mail two mail two check spam go run methods goMail one Spam Mail two Safe We define a function associated with a struct by providing the struct name and a parameter name which can be just used inside of the function Here we have used m Mail so as to reference the object of the struct provided to it This basically binds the function to the struct and hence it becomes a method of that struct Further we can access the properties from the struct by their name using the dot separator We are just checking whether the subject property in the instance is empty or not and simply printing text to the console We are accessing the function and calling it with the syntax as instance name function name here the function name is check spam and the object name is mail one for the first instance Thereby we have called the function which is bounded to the instance of the struct As we have accessed the function after the instance name the binding of the function i e the statements m Mail has taken the current instance and parsed it as the instance of the struct Hence we are able to access the current instance s properties within the function method Adding a return statementBy simply providing the return type and return statement with value we can create functions of specific return types package mainimport fmt type Mail struct sender string subject string sent bool word count int func m Mail check spam bool if m subject return true else return false func m Mail print spam spam bool if spam fmt Println Spam else fmt Println Safe func main mail one new Mail fmt Printf Mail one is mail spam mail one check spam mail one print spam is mail spam mail two Mail xyz xyz com Golang Structs true fmt Printf Mail two is mail spam mail two check spam mail two print spam is mail spam go run methods goMail one Spam Mail two Safe We have modified the check spam function which returns a boolean value If the subject is empty it returns true else it returns false Also we have added a function print spam function which takes in a parameter as a boolean value and prints text according to the value This is how we work with functions in structs We have parsed the return value of the check spam function as a parameter to the print spam function Constructor in StructsConstructors are special methods that are invoked when the instance of a struct is created i e the properties are assigned an initial value or default value In this way we can perform basic operations which we need to perform after the instantiation of the struct Golang does not have built in constructors but it is quite easy to create one We simply need to create a function with an appropriate name don t clash it with the struct name by providing all the parameters that are in the struct so as to initialize them and finally the return value as a reference to the struct instance package mainimport fmt type Repository struct name string file count int func New Repository name string file count int Repository file count name Test return amp Repository name file count func main blog New Repository fmt Println blog go run constructor go Test We have created a function that is technically acting like a constructor as it sets a default value to the properties in the structure We have struct Repository containing name as a string and file count as an integer We created a Constructor function named New Repository that basically takes in the properties in the struct remember they haven t been initialized yet as we are writing the constructor for the very purpose We have to parse the parameters with the initial value and let it modify once we have created the instance That s it from this part Reference for all the code examples and commands can be found in the days of Golang GitHub repository ConclusionSo from this part of the series we are able to understand the basics of structs in golang We covered declaration definition and adding methods in a struct This gives a glimpse of Object Oriented Programming in Golang Thank you for reading If you have any questions or feedback please let me know in the comments or on social handles Happy Coding |
2022-04-14 17:09:14 |
| 海外TECH |
DEV Community |
HOW TO RUN A SQL FILE AND CREATE A DATABASE |
https://dev.to/caglarcercinli1/how-to-run-a-sql-file-and-create-a-database-4ka8
|
HOW TO RUN A SQL FILE AND CREATE A DATABASEIt is not always a good practice to insert data with a psql command line Creating a sql file and running it is sometimes easier First we create a file with sql extension with notepad for example DROP TABLE products create table products id serial primary key name varchar not null price varchar not null insert into products name price values hamburger Why DROP TABLE It would delete the previous table and rewrite it otherwise it would cause en error Then we log into psql run i fastfoodshop sqlIt is important to indicate the correct place of the file After that check table and entries Wish you an easy coding |
2022-04-14 17:04:35 |
| 海外TECH |
Engadget |
Watch Elon Musk's TED talk live for free |
https://www.engadget.com/elon-musk-ted-talk-how-to-watch-172254234.html?src=rss
|
Watch Elon Musk x s TED talk live for freeIt s a busy time in the world of Elon Musk On the same day it emerged he made a bid to buy Twitter he s giving a TED Talk The organizers of TED are opening up the conference s livestreaming channel to all so anyone can watch the talk which is underway for free nbsp As ever Musk should have plenty to talk about He recently became Twitter s largest shareholder He was offered a seat on the board but turned it down Soon after Musk was hit with a class action lawsuit relating to how he disclosed his investment And that s not to mention his own companies SpaceX and Tesla which he might discuss as well Grab some popcorn and watch the stream here You can rewind to the beginning if you re joining a little late |
2022-04-14 17:22:54 |
| 海外TECH |
Engadget |
Alexa devices now support TuneIn Premium radio streaming |
https://www.engadget.com/alexa-tunein-premium-streaming-radio-171201296.html?src=rss
|
Alexa devices now support TuneIn Premium radio streamingTuneIn is bringing its paid service to Amazon Alexa enabled devices You ll be able to access TuneIn Premium content such as live sports from any Alexa smart speaker or display You ll be able to listen to MLB NHL and college sports games featuring your favorite team simply by saying quot Alexa listen to sports quot TuneIn Premium also offers more than commercial free radio stations and you won t hear pre roll ads for the tens of thousands of other radio stations on the platform Additionally you ll be able to listen to ad free news TuneIn Premium typically costs per month However Amazon and TuneIn are offering new members a three month trial Existing TuneIn Premium members can connect their accounts to Alexa to help them get the most out of their subscription Alexa has supported TuneIn s regular service for years so having access to the Premium service is a welcome upgrade |
2022-04-14 17:12:01 |
| 金融 |
金融庁ホームページ |
第16回「金融庁・日本銀行連絡会」の開催について公表しました。 |
https://www.fsa.go.jp/news/r3/sonota/20220414nichiginrenrakukai.html
|
日本銀行 |
2022-04-14 18:00:00 |
| 金融 |
金融庁ホームページ |
金融庁職員の新型コロナウイルス感染について公表しました。 |
https://www.fsa.go.jp/news/r3/sonota/20220414.html
|
新型コロナウイルス |
2022-04-14 18:00:00 |
| ニュース |
ジェトロ ビジネスニュース(通商弘報) |
疾病管理庁、60歳以上への4回目の新型コロナワクチン接種を発表 |
https://www.jetro.go.jp/biznews/2022/04/62bac491550c111b.html
|
管理庁 |
2022-04-14 17:10:00 |
| ニュース |
BBC News - Home |
Tory MP Imran Ahmad Khan quits after sexual assault conviction |
https://www.bbc.co.uk/news/uk-politics-61113265?at_medium=RSS&at_campaign=KARANGA
|
verdict |
2022-04-14 17:04:15 |
| ニュース |
BBC News - Home |
Prince Charles stands in for Queen at Maundy Service |
https://www.bbc.co.uk/news/uk-61111303?at_medium=RSS&at_campaign=KARANGA
|
traditional |
2022-04-14 17:30:06 |
| ニュース |
BBC News - Home |
El Shafee Elsheikh: Guilty verdict for Islamic State 'Beatle' jihadist |
https://www.bbc.co.uk/news/world-us-canada-61112787?at_medium=RSS&at_campaign=KARANGA
|
beatle |
2022-04-14 17:41:40 |
| ニュース |
BBC News - Home |
Brooklyn shooting: Subway attack suspect held without bail |
https://www.bbc.co.uk/news/world-us-canada-61111253?at_medium=RSS&at_campaign=KARANGA
|
people |
2022-04-14 17:43:15 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
ほとんどの人が知らない! 就職活動の書類選考で 実は、大事なこと - 簡単ルールで 突然、美文字が書ける |
https://diamond.jp/articles/-/301214
|
ほとんどの人が知らない就職活動の書類選考で実は、大事なこと簡単ルールで突然、美文字が書ける直接会うことが減り、オンラインでのやりとりが増えてきた今、「手書き」文字は「個性」や「人柄」に触れられる数少ないツールとしてビジネスでの大きな武器となります。 |
2022-04-15 02:55:00 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
川崎重工業の失敗から見えるROIC経営への示唆とペンタゴンモデルの提唱 - 経営指標大全 |
https://diamond.jp/articles/-/301659
|
中期経営計画 |
2022-04-15 02:50:00 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
「頭皮が臭う…!」効果的な2つの対処法とは? - 髪が増える術 |
https://diamond.jp/articles/-/301099
|
「頭皮が臭う…」効果的なつの対処法とは髪が増える術薄毛、白髪、フケ、かゆみ…。 |
2022-04-15 02:45:00 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
【大安吉日に1日1分強運貯金!】 見るだけで、仕事も恋愛もダブルで良縁に恵まれる! 【大国主大神と白兎】のご利益パワーとは? - 1日1分見るだけで願いが叶う!ふくふく開運絵馬 |
https://diamond.jp/articles/-/300730
|
【大安吉日に日分強運貯金】見るだけで、仕事も恋愛もダブルで良縁に恵まれる【大国主大神と白兎】のご利益パワーとは日分見るだけで願いが叶うふくふく開運絵馬史上初神社界から「神道文化賞」を授与された絵馬師が、神様仏様に好かれる開運法を初公開。 |
2022-04-15 02:40:00 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
株で勝てる人は熟知している「株の買い時、売り時」 - 株トレ |
https://diamond.jp/articles/-/300763
|
運用 |
2022-04-15 02:35:00 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
賃貸のあなたは毎月、お金をドブに捨てている? - 世界一面白くてお金になる経済講座 |
https://diamond.jp/articles/-/300325
|
賃貸のあなたは毎月、お金をドブに捨てている世界一面白くてお金になる経済講座コロナ禍の時代が長く続き、世の中では「投資ブーム」が起こっているそうです。 |
2022-04-15 02:30:00 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
意外と知らないロシア周辺国「2分でわかる! ノルウェーってどんな国?」 - 読むだけで世界地図が頭に入る本 |
https://diamond.jp/articles/-/301147
|
|
2022-04-15 02:25:00 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
【精神科医が教える】 孤独を恐れない たった1つの考え方 - 精神科医Tomyが教える 心の荷物の手放し方 |
https://diamond.jp/articles/-/301379
|
voicy |
2022-04-15 02:20:00 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
【自分でこっそり占えて便利!】初心者が「意外と当たる!」と評判のタロットをやってみた結果 - タロット 基本のリーディング大全 |
https://diamond.jp/articles/-/301328
|
【自分でこっそり占えて便利】初心者が「意外と当たる」と評判のタロットをやってみた結果タロット基本のリーディング大全人間関係、仕事、家族、友人、恋愛、人生……そこに明確な悩みがある、気になることがある、とにかく何となく不安だという時に、誰かに何か言ってほしい、アドバイスがほしい、と思うことはありませんかでも、そんなことを他人に聞くのはためらわれる、気軽に相談できる人がいない、というのなら、タロットに尋ねてみてはいかがですか。 |
2022-04-15 02:15:00 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
アメリカの中学生が学んでいる「環境保全」の授業【全世界700万人が感動した「科学」ノート】 - アメリカの中学生が学んでいる14歳からの科学 |
https://diamond.jp/articles/-/301661
|
汚染物質 |
2022-04-15 02:10:00 |
| ビジネス |
ダイヤモンド・オンライン - 新着記事 |
AI通訳機「ポケトーク」分社化とトップ交代の関係は? - ファイナンス思考 |
https://diamond.jp/articles/-/301535
|
AI通訳機「ポケトーク」分社化とトップ交代の関係はファイナンス思考起業家と投資家の経験をもつ書籍『ファイナンス思考』の著者・朝倉祐介さんが、ビジネスのトップ層から現場に至るまで、実績を挙げた多士済々をゲストにお迎えするインタビューPodcast「朝倉祐介の経営トーク」。 |
2022-04-15 02:05:00 |
| 北海道 |
北海道新聞 |
立民、略称・民主党使用へ 参院選、国民は反発 |
https://www.hokkaido-np.co.jp/article/669722/
|
立憲民主党 |
2022-04-15 02:01:00 |
コメント
コメントを投稿