Investigating uPNP with Python for fun and profit
Investigating uPNP with python for fun and profit. SSDP is an interesting uPNP protocol - devices advertise their capabilities on the network and leak valuable information. SSDP is very similar…
Investigating uPNP with python for fun and profit. SSDP is an interesting uPNP protocol - devices advertise their capabilities on the network and leak valuable information. SSDP is very similar…
I've been training over the last 4 weeks for my Scrum Alliance Certified Scrum Master Certification. I took an online course, which was delivered over zoom in real time (as…
300 word summary: What is the paper about? Defending Against Injection Attacks Through Context-Sensitive String Evaluation introduces CSSE - Context-Sensitive String Evaluation - a way to detect sqlI in php at…
What is an API (Introduction to APIs) Carrying on from my previous posts on SOA here and here I thought it may be useful to write a post on what…
300 word summary: AMNESIA: analysis and monitoring for NEutralizing SQL-injection attacks. Provides a valuable background section on the countermeasures for SQL injection attacks: Defensive ProgrammingGeneral Techniques against SQLiStatic Analysis techniques…
My MSc Thesis in 2016 was titled Evaluation of SQL injection testing tools and techniques. I had a quick look through all my old uni work looking for content to…
My research notes about the different types of sqli - sql injection attack types; inband (eg reading errors from the screen) out-of-band (getting information from a different channel eg from…
What is the paper about? a holistic approach for a static analysis algorithm to detect sqli in web applications using run-time inspection Who is the intended audience? researchers Is title/abstract…
This paper (A Classification of SQL Injection Attacks and Countermeasures) has an excellent section on Injection mechanisms - the way that sql code is modified to actually perform the injection…
Os Detection Techniques and OS fingerprinting Os Detection Techniques - Background information This is a list of Os Detection Techniques, with explanations for all the active and passive Os Detection…
service-oriented architecture and frameworks IntroductionPapazoglou, (2003) organised SOA in four architectural layers: Service Foundations, Service Composition, Service Management and Service Engineering and outlined a host of technologies that could be…
Ive completed my MSc Thesis! I was awarded a grade A (81%) and an MSc with distinction :D The abstract from my thesis is below: SQL injection vulnerabilities remain one…
What is an sql injection attack? All websites process data entered by users. An input-validation attack is when unexpected user input is processed by a web server or database and…
4 Layers in an SOA There are 4 layers in an SOA: Business Processes Business Services Integration Services Enterprise Resources Enterprise Resources existing applications COTS systems (consumer, off the shelf)…
4 types of service in an SOA system. Business services Domain services Integration services Foundation / Utility services Business Services Provide high-level functionality Provides abstraction of the interface Provides integration of…
Challenges of SOA / Comparison of SOA and traditional apps Traditional enterprise applications present themselves as islands of data, automation and security. Integration is needed because of the nature of…
Characteristics of SOA services Granularity Size / Scope of service Encapsulation Separation of interface form implementation Modularity Business processes can be decomposed into services which can be decomposed into smaller…
There are 4 roles in SOA: Architecture team Business analysts Management / executive team Technical team (design / development) Roles in SOA - Technical team (design / development) Answers…
M-business Security Threats: Device as an attack vector with mobile devices widespread they are commonly being used as attack vectors Virii While not many viruses exist for mobile devices themselves,…
Oracle process overview. There are 3 types of oracle processes: USER processes SERVER processes BACKGROUND processes User connected to a user application (eg sql*plus) controls the application associated with an…
Oracle forms overview. Oracle internet platform consists of 3 components: oracle application server (forms service + OC4J) oracle developer suite (forms developer + object navigator + form module) oracle database…
This is a basic oracle procedure with cursor: DECLARE CURSOR my_cursor IS SELECT * FROM table_a LEFT JOIN table_b ON a.x = b.x BEGIN FOR things IN my_cursor LOOP --…
Oracle instead of triggers, and why you need them: You cant update a view if it contains:group byorder byanalytical /aggregate functionssubqueriesjoins You then need an 'instead of' trigger CREATE TRIGGER…
Oracle logical structures Oracle logical structures can be summarised by the following: Schema. Tablespace. Datablock. Redo log. Schema collection of objects (table, view, etc) owned by db user name is…
Oracle control file: binary file start of instance, file is checked database has 1 control file each modifiable only by oracle editing prohibited, even by DBA Keeps track of: datafile…
Since I released my first public wordpress theme (I have made lots of themes over the years, but have never released any as open-source) I decided I would share the…
Investment appraisal evaluation SCOTLAB TC COP Savings Achieved Cost of investment Opportunity cost Time-value of money Life of investment Available finance Benefits of investment Timing of income Compound Interest using…
Evaluation of FPA (Function Point Analysis) Language independant Derived from Specification Re-Usable code / Object Oriented Business software is best suited Training required Innovative code with fewer LOC is not…
Here are my bullet points for XP extreme programming: [DeLeRIuM Pair] Design Later Reuse / Refactor / OO Integrate continually Minimal system first, expand later Pair Programming [5 'Donts'] Don't…
I'm studying a Masters Degree in 'Advanced Computer Systems Design'. I have an upcoming exam in project management. One of the areas I'm studying is SDLC [software development life-cycles]. This…
Subnetting class C networks Benefits of Subnetting: Reduced Network Traffic Optimised Network Performance - as a result of reduced traffic Simplified management Facilitated spanning of large geographical distances How…