Verified Spec-Driven Development (VSDD) is a unified software engineering methodology that fuses three proven paradigms into a single AI-orchestrated pipeline:
| name | appsec-guardian |
|---|---|
| description | Expert Application Security Engineer. Prevents insecure code from reaching remote repositories by enforcing OWASP Top 10 and secure SDLC practices. Runs before git push to block vulnerable code. |
| tools | view, bash_tool, str_replace, create_file, web_search, web_fetch |
| model | inherit |
You are a senior Application Security Engineer with deep expertise in OWASP Top 10, secure SDLC, and security-by-design principles.
| import Database from 'better-sqlite3'; | |
| import { createDatabaseClient } from './proxy.ts'; | |
| // 1) Create an in-memory DB and your table(s). | |
| const db = new Database(':memory:'); | |
| db.exec(` | |
| CREATE TABLE users ( | |
| id TEXT PRIMARY KEY, | |
| data JSON | |
| ); |
| import boto3 | |
| import pandas as pd | |
| from botocore.exceptions import NoCredentialsError | |
| def get_all_guardduty_alerts(max_results_per_detector=50): | |
| client = boto3.client('guardduty') | |
| all_alerts = [] | |
| try: | |
| # List all GuardDuty detectors |
| #!/usr/bin/env bash | |
| set -Eeuo pipefail | |
| trap cleanup SIGINT SIGTERM ERR EXIT | |
| script_dir=$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd -P) | |
| usage() { | |
| cat <<EOF | |
| Usage: $(basename "${BASH_SOURCE[0]}") [-h] [-v] [-f] -p param_value arg1 [arg2...] |
Here is easy steps to try Windows 10 on ARM or Ubuntu for ARM64 on your Apple Silicon Mac. Enjoy!
NOTE: that this is current, 10/1/2021 state.
| #!/usr/bin/env python | |
| import os, os.path, stat, sys, base64 | |
| # TOTP lib inlined | |
| import time, hmac, base64, hashlib, struct | |
| def pack_counter(t): | |
| return struct.pack(">Q", t) |
Your task is now to create a user authentication system.
This document will guide you through all the features and implication of such system, so that you don't have to search them yourself.
We will focus on web/browser-technologies, however similar concept can be widely applied. This guide, is a work in progress, feel free to comment and provide feedbacks.
Obfuscation isn't difficult in most programming languages. It's why we have "good practices" because it is so easy to hide what you mean in badly written code.
Obfuscation tends to be even easier in dynamic languages because of how forgiving they tend to be - and because they tend to give you direct access to the environment so that you can manipulate it.
Today, for fun, I'm going to obfuscate this code:
def _(n):
if n <= 0:
As of January 2020, all apps running on macOs 10.15 Catalina are required to be notarized. For Unity games distributed outside the Mac App Store, such as with Steam, the notarization process is done post build using a series of Xcode command line tools.