π¦Pro hacking -Use the pandas library to filter and save csv files- final of guide>
> can't find any video for this modern tutorial :)
> you can simple create it as bash script and uploaded it to github
> can't find any video for this modern tutorial :)
> you can simple create it as bash script and uploaded it to github
Forwarded from Backup Legal Mega
β β β ο½ππ»βΊπ«Δπ¬πβ β β ββ
π¦Google engineer: 70% of Chrome security vulnerabilities are memory security issues, and Rust has become an alternative language
recently from our tweets @ UndercodeNews :
1) Recently, a Google engineer analyzed 912 security bugs fixed in the Chrome stable branch since 2015. And found that among all the security vulnerabilities marked as "high" or "serious", about 70% are memory management and security issues.
2) Half of these are use-after-free vulnerabilities. This security issue is caused by the wrong management of memory pointers (addresses), opening the door for attackers to attack Chrome's internal components.
π¦Google engineer: 70% of Chrome security vulnerabilities are memory security issues, and Rust has become an alternative language
recently from our tweets @ UndercodeNews :
1) Recently, a Google engineer analyzed 912 security bugs fixed in the Chrome stable branch since 2015. And found that among all the security vulnerabilities marked as "high" or "serious", about 70% are memory management and security issues.
2) Half of these are use-after-free vulnerabilities. This security issue is caused by the wrong management of memory pointers (addresses), opening the door for attackers to attack Chrome's internal components.
Forwarded from Backup Legal Mega
π¦ This data happens to be the same as Microsoft βs previous research results : The Microsoft Security Response Center (MSRC) classified all reported Microsoft security vulnerabilities since 2004, and about 70% of all Microsoft βs annual patches are for memory security vulnerabilities. Fix.
1) The Microsoft Security Response Center once explained that this is because most of their products are written in C and C ++, and these two programming languages ββbelong to the category of "memory-unsafe". A vulnerability in the developer code that manages memory execution can lead to a series of memory security errors.
2)) Google also faces a similar situation. Only from March 2019 to the present, out of 130 Chrome vulnerabilities rated "serious", 125 are related to memory corruption, which shows that memory management is still a big problem.
3) To this end, Google engineers must follow " The Rule of 2 " ( The Rule of 2 ). That is, whenever an engineer writes a new Chrome feature, its code must not break the following two or more conditions:
1) The Microsoft Security Response Center once explained that this is because most of their products are written in C and C ++, and these two programming languages ββbelong to the category of "memory-unsafe". A vulnerability in the developer code that manages memory execution can lead to a series of memory security errors.
2)) Google also faces a similar situation. Only from March 2019 to the present, out of 130 Chrome vulnerabilities rated "serious", 125 are related to memory corruption, which shows that memory management is still a big problem.
3) To this end, Google engineers must follow " The Rule of 2 " ( The Rule of 2 ). That is, whenever an engineer writes a new Chrome feature, its code must not break the following two or more conditions:
Forwarded from Backup Legal Mega
>This code handles untrusted input
Code runs without sandbox
Code is written in an unsafe programming language (C / C ++)
Code runs without sandbox
Code is written in an unsafe programming language (C / C ++)
Forwarded from Backup Legal Mega
1)So far, Google has been trying to use the sandbox method in Chrome. They isolate dozens of processes into their own sandboxes, and recently introduced the "site isolation" feature, which puts the resources of each site into their own sandbox processes. But Google engineers said that considering performance issues, their method of using sandboxed Chrome components has reached the maximum benefit, and they must now seek new methods.
2) Therefore, Google plans to research and develop custom C ++ libraries for use with Chrome βs codebase, which can better protect memory-related errors.
3) At the same time, Google is also exploring the MiraclePtr project, which aims to turn "use-after-free bugs into unsafe crashes with acceptable performance, memory, binary size, and minimal stability impact."
4) Finally, it is worth noting that Google has indicated that it plans to use "safe" language to explore when possible. Candidates include Rust, Swift, JavaScript, Kotlin, and Java.
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β ββ
2) Therefore, Google plans to research and develop custom C ++ libraries for use with Chrome βs codebase, which can better protect memory-related errors.
3) At the same time, Google is also exploring the MiraclePtr project, which aims to turn "use-after-free bugs into unsafe crashes with acceptable performance, memory, binary size, and minimal stability impact."
4) Finally, it is worth noting that Google has indicated that it plans to use "safe" language to explore when possible. Candidates include Rust, Swift, JavaScript, Kotlin, and Java.
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β ββ
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 Min Linux Steam Requirements-from git sources :
team for Linux requires the following:
1 GHz Pentium 4 or AMD Opteron with:
1) x86-64 (AMD64) instruction set
2) CMPXCHG16B instruction support (cx16 in /proc/cpuinfo flags)
3) SSE3 instruction support (pni in /proc/cpuinfo flags)
4) 512 megabytes of RAM and 5 gigabytes of hard drive space, or better
5) Internet connection (Cable/DSL speeds recommended)
6) Latest Ubuntu LTS, fully updated
7) 64-bit (x86-64, AMD64) Linux kernel
8) 64-bit (x86-64, AMD64) and 32-bit (i386, IA32) graphics drivers and glibc
9) Latest graphics driver
10) NVidia driver support - For recent cards (e.g. series 8), you will need to install 310.x. For older cards, driver 304.x supports the NVidia 6 and 7 GPU series. To access these drivers, first update your cache and then install the specific driver you need from the list in Additional Drivers.
11) AMD driver support - For recent cards (e.g. series 5 and above), we recommend installing the 12.11 driver. For older cards, Catalyst 13.1 Legacy supports the HD 2400 Pro card and is the latest for the 2 and 4 GPU series.
12) Intel HD 3000/4000 driver support - you will need to use the latest Mesa drivers, Mesa 9 or later.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 Min Linux Steam Requirements-from git sources :
team for Linux requires the following:
1 GHz Pentium 4 or AMD Opteron with:
1) x86-64 (AMD64) instruction set
2) CMPXCHG16B instruction support (cx16 in /proc/cpuinfo flags)
3) SSE3 instruction support (pni in /proc/cpuinfo flags)
4) 512 megabytes of RAM and 5 gigabytes of hard drive space, or better
5) Internet connection (Cable/DSL speeds recommended)
6) Latest Ubuntu LTS, fully updated
7) 64-bit (x86-64, AMD64) Linux kernel
8) 64-bit (x86-64, AMD64) and 32-bit (i386, IA32) graphics drivers and glibc
9) Latest graphics driver
10) NVidia driver support - For recent cards (e.g. series 8), you will need to install 310.x. For older cards, driver 304.x supports the NVidia 6 and 7 GPU series. To access these drivers, first update your cache and then install the specific driver you need from the list in Additional Drivers.
11) AMD driver support - For recent cards (e.g. series 5 and above), we recommend installing the 12.11 driver. For older cards, Catalyst 13.1 Legacy supports the HD 2400 Pro card and is the latest for the 2 and 4 GPU series.
12) Intel HD 3000/4000 driver support - you will need to use the latest Mesa drivers, Mesa 9 or later.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Modify the configuration file
After entering the project interface, click "Help"-> "Edit Custom VM Optionsβ¦" in the top menu bar of Idea. If you are prompted to create a file, click "Yes".
After entering the project interface, click "Help"-> "Edit Custom VM Optionsβ¦" in the top menu bar of Idea. If you are prompted to create a file, click "Yes".
π¦ At the end of the opened vmoptions edit window,
> add:-javaagent: idea\jetbrains-agent.jar
> add:-javaagent: idea\jetbrains-agent.jar
π¦ Please carefully check whether the patch path is correct. If it is wrong, the Idea will not open. At this time, you can delete the Idea folder in the user configuration directory:
1) windwos: C: \ Users \ user name \
2) macos: ~ / Library / Preferences /
3) ubuntu: ~
> After modifying the configuration file, restart Idea
4) Enter the activation code
After restarting Idea, click "Help"-> "Registerβ¦" in the menu bar, there are two activation methods:
> Choose the last license server activation method, fill in the address: http://jetbrains-license-server(it should be automatically filled in), or click the button: "Discover Server" to automatically fill in the address and complete the activation
5) If the server activation method cannot be activated, you can also select Activation code to activate, copy the activation code below :
pastebin.com/r8A6W7am
6) View the validity period
When your activation is complete, there will be a small registration prompt box in the lower right corner of Idea. The general content is: You copy is Licensed to XXX, it will tell you: Brother, you have activated successfully, and the source of the activation code is : XXX.
7) To check the validity period, click: Help-> About Here you can see the version number, license source, validity period, and some environments of your Idea
There is no time limit for server activation, which is permanently valid
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
1) windwos: C: \ Users \ user name \
2) macos: ~ / Library / Preferences /
3) ubuntu: ~
> After modifying the configuration file, restart Idea
4) Enter the activation code
After restarting Idea, click "Help"-> "Registerβ¦" in the menu bar, there are two activation methods:
> Choose the last license server activation method, fill in the address: http://jetbrains-license-server(it should be automatically filled in), or click the button: "Discover Server" to automatically fill in the address and complete the activation
5) If the server activation method cannot be activated, you can also select Activation code to activate, copy the activation code below :
pastebin.com/r8A6W7am
6) View the validity period
When your activation is complete, there will be a small registration prompt box in the lower right corner of Idea. The general content is: You copy is Licensed to XXX, it will tell you: Brother, you have activated successfully, and the source of the activation code is : XXX.
7) To check the validity period, click: Help-> About Here you can see the version number, license source, validity period, and some environments of your Idea
There is no time limit for server activation, which is permanently valid
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Pastebin
license by undercode - Pastebin.com
The latest IDEA permanent activation tutorial
> How activate pycharm for free Lastest version
> How activate pycharm for free Lastest version
π¦CAN'T SAY CRACKED BY UNDERCODE XD, ALREADY REPORTING FOR THEIR TEAM(jetbrain) AND IN NEXT UPDATE THEY WILL PATCH IT I GUESS
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How to evaluate OS security ?
---- With the development of the network, enterprises are connecting their local area networks to wide area networks or connecting their internal networks to the Internet. This gives more and more people (internal and external) access to internal network resources. As a result of this exposure, companies urgently need to address network security issues.
---- A major part of providing effective security is to evaluate how well the existing security mechanism is integrated with the enterprise's network security strategy-that is, to judge whether the security strategy is effectively implemented. The increasing complexity of the network makes the implementation of security policies more and more difficult.
---- Evaluating the effectiveness of each network security component is necessary to ensure effective network security. The two main components that provide network security are: firewall and operating system (OS).
---- Many companies put their energies on the firewall, and according to the report provided by Aberdeen Group, the most easily overlooked security holes are those that exist in the operating environment. Some vendors are committed to providing reliable versions of the operating environment, while most only provide optional, installable security services.
---- The operating system's security mechanism helps protect the machine running the OS from unauthorized access. Special protection for unauthorized access to specific information, specific machine instructions, and UNIX superuser instructions within the machine. Most firewalls and the Internet itself are built on a standard, unsecured UNIX operating environment. This is why everyone is not surprised by the existence of security threats. UNIX is very insecure, it is difficult to configure, and configuration errors may cause vulnerabilities.
---- The following two factors make the OS security mechanism very important:
---- (1) A second line of defense is provided behind the firewall. Hackers often break through or bypass firewalls, and OS security policies can effectively protect the system against such intruders.
---- (2) Defense against intruders in the enterprise. Internal intruders are already inside the firewall, and the FBI report indicates that more than 60% of computer crimes come from inside the enterprise. In most cases, the offenders are angry employees or contractors.
---- Evaluating OS security is quite difficult, especially UNIX, because it has many variants and vendors. Assessing the security of a UNIX system requires mastering the following three aspects:
---- (1) UNIX system settings
---- (2) Weaknesses caused by different versions of UNIX applications, including sending mail, FTP, NFS (Network File System) and TFTP (Simple File Transfer Protocol)
---- (3) Provided by different manufacturers Security patches-The
operating system is constantly patching BUGS and adding features to make the evaluation more complicated. These updates introduce new security vulnerabilities. What is needed at this time is a method for automatically evaluating operating system vulnerabilities and automatically implementing security policies. Only in this way can the gap between security strategy and security implementation be effectively assessed and shortened.
---- OS security scanning? The file just provides the required solution. The scanning software runs on each machine and probes each machine through a series of tests to dig out potential weaknesses. This software evaluates the stand-alone security environment from the perspective of the operating system and generates a detailed report of the vulnerabilities it finds, and proposes solutions.
π¦ How to evaluate OS security ?
---- With the development of the network, enterprises are connecting their local area networks to wide area networks or connecting their internal networks to the Internet. This gives more and more people (internal and external) access to internal network resources. As a result of this exposure, companies urgently need to address network security issues.
---- A major part of providing effective security is to evaluate how well the existing security mechanism is integrated with the enterprise's network security strategy-that is, to judge whether the security strategy is effectively implemented. The increasing complexity of the network makes the implementation of security policies more and more difficult.
---- Evaluating the effectiveness of each network security component is necessary to ensure effective network security. The two main components that provide network security are: firewall and operating system (OS).
---- Many companies put their energies on the firewall, and according to the report provided by Aberdeen Group, the most easily overlooked security holes are those that exist in the operating environment. Some vendors are committed to providing reliable versions of the operating environment, while most only provide optional, installable security services.
---- The operating system's security mechanism helps protect the machine running the OS from unauthorized access. Special protection for unauthorized access to specific information, specific machine instructions, and UNIX superuser instructions within the machine. Most firewalls and the Internet itself are built on a standard, unsecured UNIX operating environment. This is why everyone is not surprised by the existence of security threats. UNIX is very insecure, it is difficult to configure, and configuration errors may cause vulnerabilities.
---- The following two factors make the OS security mechanism very important:
---- (1) A second line of defense is provided behind the firewall. Hackers often break through or bypass firewalls, and OS security policies can effectively protect the system against such intruders.
---- (2) Defense against intruders in the enterprise. Internal intruders are already inside the firewall, and the FBI report indicates that more than 60% of computer crimes come from inside the enterprise. In most cases, the offenders are angry employees or contractors.
---- Evaluating OS security is quite difficult, especially UNIX, because it has many variants and vendors. Assessing the security of a UNIX system requires mastering the following three aspects:
---- (1) UNIX system settings
---- (2) Weaknesses caused by different versions of UNIX applications, including sending mail, FTP, NFS (Network File System) and TFTP (Simple File Transfer Protocol)
---- (3) Provided by different manufacturers Security patches-The
operating system is constantly patching BUGS and adding features to make the evaluation more complicated. These updates introduce new security vulnerabilities. What is needed at this time is a method for automatically evaluating operating system vulnerabilities and automatically implementing security policies. Only in this way can the gap between security strategy and security implementation be effectively assessed and shortened.
---- OS security scanning? The file just provides the required solution. The scanning software runs on each machine and probes each machine through a series of tests to dig out potential weaknesses. This software evaluates the stand-alone security environment from the perspective of the operating system and generates a detailed report of the vulnerabilities it finds, and proposes solutions.