Okay, so I was just tryna figure out how big this HUGE repo I'm working on actually is.

Turns out, finding that info was a pain. So, I decided to build something to make my life easier when dealing with massive codebases.

Introducing Git-Bit, a lil' website that gives you insights on a GitHub repo including its size.

[Website link] [GitHub repo]

#MyProjects #GitBit #github

play around with it and let me know your feedbacks 🙌

throwback to the first design i made. the G @DoughNutDrops looked at it and gave me positive feedback back then. never touched designing afterwards tho 🙃

#throwback

just a little reminder 🤗

Makefiles in Go: Streamline Your Build Process

Makefiles help in compilation, testing, and deployment of your code. While they might seem intimidating at first, they offer a powerful way to automate your workflow and make your life as a Go developer much easier.

What is a Makefile?

Imagine you have a complex Go project with multiple files and dependencies. Manually compiling everything each time you make a change would be a nightmare, right? That's where Makefiles come in. They are simple text files that contain instructions for building your Go project. Think of them as a set of recipes that tell your computer how to compile, test, and package your code.

Why Use Makefiles in Go?

Automation: Makefiles automate repetitive tasks, like compiling your code, running tests, and generating documentation.
Efficiency: They only recompile the necessary files, saving you time and resources.
Organization: They provide a clear structure for your build process, making it easier to understand and maintain.
Consistency: Ensure that your build process is always consistent, regardless of the environment or developer.

Makefiles in action

Let's break down the essential components of a Makefile:

1. Targets: These are the tasks you want to perform, like "build," "test," or "clean." 
2. Dependencies: These specify the files or other targets that a target depends on. For instance, the "build" target might depend on the "test" target.
3. Commands: These are the actual instructions to be executed. They are written after the target and dependencies.

A Simple Makefile Example:

# Build the application
build: 
go build -o main main.go

# Run the tests
test: 
go test -v ./...

# Clean up built files
clean:
rm -f main

Code Break Down:

We have three targets: "build," "test," and "clean."
The "build" target depends on nothing and executes the go build command to compile the main.go file into an executable named main.
The "test" target also depends on nothing and executes the go test command to run all tests within the project.
The "clean" target removes the main executable.

Go-Specific Makefile Enhancements:

Go Modules: Makefiles work seamlessly with Go modules. You can use variables to specify your module path and other settings.
Package Management: Makefiles can be used to manage dependencies, downloading and installing them automatically.
Cross-Compilation: Easily compile your Go code for different operating systems and architectures.

Beyond the Basics:

Makefiles are incredibly versatile. You can define custom targets for tasks like:

Documentation generation: Use tools like godoc to create API documentation.
Code formatting: Automatically format your code using tools like gofmt.
Deployment: Automate the deployment of your application to cloud platforms.

Concluding thoughts

Makefiles are powerful tools that can significantly improve your Go development experience by automating tasks, managing dependencies, and streamlining your workflow.

#TakeAByte #Makefile #golang #DevTools
@Mi_Ra_Ch

putting my basement to a good use 🙂

it's quite likely that the installation of new Go version fails especially if you're on linux. so instead of directly deleting the existing Go setup, move it to old directory and install the new one.

mv /usr/local/go /usr/local/old-go
tar -C /usr/local -xzf go1.22.6.linux-amd64.tar.gz
rm -rf /usr/local/old-go

if something goes wrong while installing the new version, it’s good to have the previous one around.

#tips #golang #linux
@Mi_Ra_Ch

I'm not sure what's more awkward, asking to call someone or responding with a 'no'. But at least it's less awkward than saying 'yes.' Then you have to actually talk 😑 calls drain too much energy ngl

literally me rn

XEE Attack: Exploiting Timing Differences for Information Disclosure

XEE (Cross-site Execution) attacks are a type of side-channel attack that exploits timing variations in a website's responses to deduce sensitive information. These attacks rely on the fact that different operations take varying amounts of time to complete, and these differences can be measured and analyzed to reveal otherwise hidden data.

How XEE Attacks Work:

XEE attacks typically involve injecting JavaScript code into a web page that observes the timing of the website's responses to different requests. For example, consider a login form that validates a user's password:

<form method="post" action="/login">
  <input type="text" name="username" placeholder="Username">
  <input type="password" name="password" placeholder="Password">
  <button type="submit">Login</button>
</form>

An attacker might inject a script that iterates through a list of potential passwords, sending each one to the login form:

// Example of a malicious script exploiting timing differences
function bruteForcePassword() {
  const passwords = ["password1", "password2", "secret", "12345", ...];
  for (let i = 0; i < passwords.length; i++) {
    const startTime = Date.now();
    // Submit the password to the login form
    document.querySelector("input[name='password']").value = passwords[i];
    document.querySelector("form").submit();
    // Measure the time it takes for the website to respond
    const endTime = Date.now();
    const responseTime = endTime - startTime;
    // Analyze the response time and try to deduce the correct password
    // (e.g., if the response time is significantly longer for a specific password, it might be the correct one)
    console.log("Response Time for password " + passwords[i] + ": " + responseTime); 
  }
}

This script sends each password to the login form and measures the time it takes for the website to respond. If the response time is significantly longer for a specific password, the attacker might deduce that it is the correct one.

Exploiting Timing Variations:

XEE attacks can exploit various timing differences:

Database Queries: Different database queries can take different amounts of time to execute, depending on the complexity of the query and the size of the database.
Password Validation: Websites might take longer to validate incorrect passwords, especially if they involve complex hashing algorithms.
Cookie Processing: Websites might take longer to process and decrypt cookies containing sensitive information.

Defending Against XEE Attacks:

Constant Time Operations: Implement password validation and other sensitive operations with constant time complexity, meaning the execution time should remain consistent regardless of the input.
Timing Obfuscation: Randomly introduce delays in response times to make it difficult for attackers to measure accurate timing differences.
Secure Coding Practices: you gotta be aware of the potential for XEE attacks

Concluding thoughts

XEE attacks are a serious threat to web security, and require careful consideration with implementation of appropriate countermeasures.

#TakeAByte #XEEAttack #pentest
@Mi_Ra_Ch

sup y'all 🙌

Logos just made a good password manager app.

[GitHub repo] [Releases]

this is the latest apk for it

had a human-contact outside of my family members today. such a milestone 😊🙌

Go is a bit slower than compiled languages like C mostly due to its automated memory management also known as the "Go runtime". oftentimes this is for memory safety and simpler syntax.

#golang

I'm hoping a lot from Barca and Arsenal this year. both got a match today

fyi i've been a diehard fan of Barcelona since i was 6 or 7 😭