Dipesh Bhardwaj Dev-Dipesh

  • The Contentment Foundation
  • San Francisco, California

Challenge Solutions

  1. Secret Key: F5LABS4445663337899
  2. Coded: F5LABS7776888678123
  3. UI Checks: F5LABS3425563334219
  4. Authorization Mess: F5LABS34255676246218
  5. Version Trouble: F5LABS0099876655774
  6. Bypass Controls: F5LABS9899877665588
  7. Weak Tokens: F5LABS1116536788549
  8. Credentials Stuff: F5LABS4445663337899, F5LABS8387288577236

Clark-Wilson Model

The Clark-Wilson model is a security framework designed to ensure that computer systems process transactions securely and maintain data integrity. It revolves around two main concepts:

  1. Constrained Data Items (CDIs): These are sensitive data elements that must be protected to ensure they remain accurate and reliable. The model ensures that CDIs can only be modified through specific, authorized procedures.
  2. Transformation Procedures (TPs): These are the only processes that can change CDIs. Each TP must be certified to meet certain integrity conditions, ensuring they only manipulate data in allowed ways.

In practical terms, the model requires users to be authenticated before accessing the system and ensures they have permission to execute TPs. It monitors and logs all transactions, both successful and those denied due to integrity issues or unauthorized access attempts. This framework is particularly useful in environments requiring strict audit capabilities and rigorous data integrit

Embracing Secure Remote Work: Exploring the Synergy of VDI, VPN, RBI, and Zero Trust Technologies

In this Gist, I've shared two tables that outline the steps and technologies involved in creating a secure remote work environment using VDI, VPN, RBI, and other security measures. The first table is a 6-step user journey highlighting risks and mitigation strategies. The second table presents additional steps and technologies to create a Zero Trust remote work environment.

VDI (Virtual Desktop Infrastructure): VDI is a virtualization technology that allows users to access a fully functional desktop environment remotely. It creates virtual machines on a centralized server, each running a separate operating system instance. Users can access these virtual desktops from their devices using a remote desktop protocol. VDI helps enhance security by keeping sensitive data within the data center, simplifying patch management, and providing centralized control over user access.

RBI (Remote Browser Isolation):

Dev-Dipesh / realtime_dashboard_app_logs.md
Last active December 13, 2019 01:25
Cube.Js Realtime Dashboard App Logs

Full logs

> [email protected] dev /Users/dipesh/Desktop/Contentment Projects/TEST_REPO/super_admin
> node index.js

🔓 Authentication checks are disabled in developer mode. Please use NODE_ENV=production to enable it.
🦅 Dev environment available at http://localhost:4000
🚀 Cube.js server is listening on 4000
Dev-Dipesh / boostnote.md
Created May 14, 2019 09:27
Boostnote Cheatsheet

📋 📘 Boostnote Markdown CheatSheet

The missing markdown feature cheat sheet for Boostnote.
It tries to give a short summary of all formatting options which are available in Boostnote.


⚠️ Only works in Boostnote.
👉 Open the Preview Page to see how it's rendered.
🈴 Chinese Version

Dev-Dipesh / ffmpeg-install.sh
Created October 17, 2018 02:48 — forked from clayton/ffmpeg-install.sh
Install FFMPEG on OS X with HomeBrew to convert Mp4 to WebM
# Installation
brew install ffmpeg --with-vpx --with-vorbis --with-libvorbis --with-vpx --with-vorbis --with-theora --with-libogg --with-libvorbis --with-gpl --with-version3 --with-nonfree --with-postproc --with-libaacplus --with-libass --with-libcelt --with-libfaac --with-libfdk-aac --with-libfreetype --with-libmp3lame --with-libopencore-amrnb --with-libopencore-amrwb --with-libopenjpeg --with-openssl --with-libopus --with-libschroedinger --with-libspeex --with-libtheora --with-libvo-aacenc --with-libvorbis --with-libvpx --with-libx264 --with-libxvid
# Easy Peasy
ffmpeg -i video.mp4 video.webm
{
"auto_complete_commit_on_tab": true,
"color_scheme": "Packages/Oceanic Next Color Scheme/Oceanic Next.tmTheme",
"draw_white_space": "all",
"font_face": "Fira Mono",
"font_size": 20,
"tab_size": 2,
"theme": "Brogrammer.sublime-theme",
"translate_tabs_to_spaces": true,
"trim_automatic_white_space": true,
Dev-Dipesh / ServiceWorker.md
Last active July 11, 2017 19:54
Understanding Service Worker

Service Worker

The goal of this gist is to help you understand Service Worker. It's not for diving deep into the core, but for understanding the concepts, benefits and trade-offs.

I have listed three resources which helped me greatly to unfurl the curtains:

Service Worker Status

const sql = require("mssql");
require("msnodesqlv8");

// Connect using Windows integrated authentication (no password in the config)
const conn = new sql.Connection({
  database: "db_name",
  server: "server_name",
  driver: "msnodesqlv8",
  options: {
    trustedConnection: true
  }
});
Dev-Dipesh / rabbitmq_notes.md
Last active September 28, 2024 19:36
Why RabbitMQ is better over Redis and notes on RabbitMq.

Redis is a database, whereas RabbitMQ was designed as a message router or message-oriented middleware (MOM), so I'm sure if you look for benchmarks, you'll find that RabbitMQ will outperform Redis when it comes to message routing.

RabbitMQ is written in Erlang, which was specifically designed by the telecom industry to route messages. You get clustering out of the box due to it being written in Erlang, which means that in a clustered environment RabbitMQ will outperform Redis even further.

Furthermore, you get guaranteed delivery of messages due to the AMQP protocol. In other words, if the network drops while consuming the message, the consumer won't be able to say thanks for the message, so the consumer will drop the message and Rabbit will requeue the message. If you publish a message and the queue didn't say thanks to the publisher due to network problems or timeouts, Rabbit will drop the message and the publisher will keep on trying to publish the message. You can have publish retries with backoff policies, so