Author: Oliver Nichols
-
Locally Run an AWS Serverless Micronaut App
Micronaut has several advantages for getting started quickly in AWS Lambda. For my example, I’m using GraalVM to build a fast native Lambda function. I’m also using AWS CDK to deploy the function. Without further ado, let’s get started. Prerequisites Build the Application Building the software is simple enough. Execute the following command to build…
-
[Solved] Vue.js Inner Components Not Updating
I came across an interesting problem in Vue.js and wanted to share the solution. The Problem Inner components were not updating based on changes to a computed value. Here is a snippet: When ‘unselected’ (a computed value) was updated, the view didn’t change. I confirmed that the computed value ‘unselected’ and v-for were working by…
-

Introducing a New Website – haxor.rocks
I’m introducing a new website haxor.rocks to provide learning content for cybersecurity professionals. I’m compiling a list of techniques used by hackers. My first discussed technique is Zip Slip, a cool vulnerability about archives and directory traversal. It is a quick read. I hope you enjoy 🙂 Read More About Zip Slip on Haxor.Rocks
-

IDOR
I created my first video regarding web vulnerabilities: IDOR (Insecure Direct Object Reference). Feel free to check it out and leave a comment!
-

OWASP Top 10 Cheat Sheet
Here is a condensed, easy-to-read version of the OWASP Top 10. I hope you enjoy!
-

Pivot Chaining with SSH and SOCKS
This guide discusses how to chain pivots together to reach networks several layers deep from our starting host. Following Along I have an easy-to-use Lab on GitHub if you would like to follow along on a Linux machine. Setup is simple. Install docker-compose and run the following command: This will set up multiple Docker hosts, each…
-

FPS Movement and Aiming in Godot
One of the rudimentary starts for a first-person shooter (FPS) game is the ability to move and aim. This tutorial walks through how to quickly set up with support for keyboard/mouse and controller. This tutorial focuses on the script portion. Let’s begin. Prerequisites Within your player scene, create a CharacterBody3D node and update your scene…
-

Session Management for Web Apps
HTTP is a stateless protocol, meaning that each request does not save any information. When you log in to a web application, it must somehow maintain that you are logged in. One of the common approaches to that problem is using a session identifier. Important Qualities “HttpOnly” Session Cookie An HttpOnly cookie prevents JavaScript from accessing…
-

Getting the Most Out of Nmap
Nmap (Network Mapper) is one of the most utilized tools in penetration testing. This guide will discuss some awesome options and how to get the most out of using nmap. Starting Point Here is a starting point that you can utilize. Depending on your situation, you may need to modify or adapt the commands below.…
-

Attack: Local File Inclusion
Local File Inclusion (LFI) can occur within an application when input can affect what file is “included”. If the contents of a file are displayed, this could provide the attacker the opportunity to view files (maybe even sensitive ones) within the file system. Example Consider the following HTTP request to display a list of movies:…
