In my early days as a software developer I worked at a small game studio. This was back in the days when ActionScript and Flash were still a thing.
Nowadays the language I’m most comfortable with is Java. A little while ago I was wondering whether it would be possible to create a game in Java.
More and more web traffic is moving to HTTPS instead of HTTP, because users are using a modern browser that defaults to HTTPS or a browser extension like Https-By-Default. This is a great development from a security and privacy perspective, but it has some side effects: it revealed that the redirect service offered by our hosting provider does not fully support HTTPS, which causes a security warning.
Although valid commercial solutions are available, this fully triggered my (somewhat rusty) not-invented-here syndrome. Performing the redirect sounds like a suitable functionality for a simple cloud function, with the additional requirement that it should be possible to host the cloud function on the (sub)domain(s) we want to use for our redirects.
Welcome back to the blog series about how to hack a box! In the first blog I gave an introduction into the steps and prerequisites on How to hack a box. In this second post I’ll guide you through the first step, which is exploration. We will execute the steps on an actual box in Hack The Box, called Blocky.
DISCLAIMER: Never attempt to execute one of these steps on a machine for which you don’t have explicit permission from the owner. This is illegal and will get you in trouble.
Welcome to the blog series about how to hack a box! In this first post I’ll guide you through the global steps you can take to hack a box. The steps are universal, so you can use them on any target which you have permission for.
In the next few posts we’ll go through each step in detail and try to hack a box in Hack The Box, called Blocky.
As a developer, you probably have to work with APIs. Either you consume them, or perhaps you build them. Most of the time an API provides some sort of JSON response or perhaps XML. When the implementation is complete, it provides documentation as well, using the OpenAPI specification. This, however, is not what this blog is about.
The goal is to get you started exploring OData. OData is an OASIS Standard that defines the best practice for creating and using RESTful APIs. So in short, it is a web-based protocol for querying and updating data.
WebFlux is the reactive web framework for Spring. The programming model is easy, but using it could be cumbersome if you don’t know the consequences when used incorrectly. This post will show what the consequences are when the reactive stack is not used correctly. It will answer the question: why is my (health) endpoint sometimes so slow?
TL;DR: Don’t block the event loop
Password must be at least 12 characters long, must include lower and upper case letters, must include numbers, must include special characters, must have at least 3 numbers, must have at least 2 special characters, may not include words in the dictionary. Your password is rejected because it does not comply with our policy. A policy that isn’t published anywhere, but you must make one that complies anyway. Your password has expired, make a new one that does not resemble any of the passwords that you have created in the past. And it’s all useless. We’re all doing it wrong.
During my last year at JCore I was given the opportunity to do a deep dive into a self-chosen topic in the form of a 'Specialisation'. For this 1-year project I chose to dive deep into AWS: how it works and how I, as a developer, make use of it. Some of the topics I covered during this were: DevOps, CI/CD and Security. As a demo and as a use case I created a simple pub quiz application in which you can register and have a custom form for your answers. During the development of this application I faced different challenges that I had to overcome. This blog is about how I created a simple API that is exposed to the internet and how I tried to tackle the challenges of security, scalability and adaptability.
The application I created consisted of a container image which hosts a simple API that is made with Java, Spring and the AWS SDK. So for this backend application I created a Virtual Private Cloud (VPC) with a Fargate task in a private subnet so the application itself is not exposed to the internet. The goal was to make an API with the API Gateway that defines the API that redirects the correct call to my Fargate instance that is in a private subnet.
Here’s an overview of the infrastructure of my backend application:
Spring offers several frameworks to implement server-side rendered web pages and REST APIs. In this blog I compare three options:
traditional, servlet based (spring-web),
reactive, Netty based (spring-webflux) and
DSL, reactive, Netty based (spring-jafu)
In Clojure we can format a string using Common Lisp format syntax or the Java format string syntax. In this post we will look at how we can use the Java format string syntax. We must use the format function in the clojure.core namespace. The method delegates to the standard JDK String#format method. The first argument is a format string followed by one or more arguments that are used in the format string. We can look up the syntax of the format string in the Javadoc for the
In the following example code we use the format function with different format strings:
We have all gotten acquainted with git in the last decade. We have adopted a way of working that has made it easy for all of us to work together in large teams and reduced the times our code changes collided to a minimum. When we do run into problems, they’ve culminated in a single important moment: the merge. We all know the merging feature of git with all its pros and cons. But what about another feature of git: rebase?