akkuman

Overview

The following content is generated using a preview release of Swimlane's pyattck.

This snippet of data is scoped to the following actor groups:

IaaS指提供系统（可以自己选）或者储存空间之类的硬件，软件要自己手动装。PaaS提供语言环境和框架（可以自己选）。SaaS只能使用开发好的软件（卖软件本身，如税务会计、表格文字处理）。BaaS一般类似于非关系数据库，但各家不通用
云服务的特点：零前期成本 & 按需付费 & 弹性（类似于租，可随时多加、退掉；但没有残值）、高可用（放在机房中，不同AZ间水电隔离）

通览了 casbin 的文档，结合先前对 AWS IAM 的理解，以及对 ladon SDK 的使用，总结对比一下 Ladon & Casbin 两个授权库。

先对比两个项目的简介：

ladon

A SDK for access control policies: authorization for the microservice and IoT age. Inspired by AWS IAM policies. Written for Go.

	#include <Windows.h>
	#include <intrin.h>
	#include <string>
	#include <TlHelp32.h>
	#include <psapi.h>

	DWORD WINAPI Thread(LPVOID lpParam) {
	// Insert evil stuff

	ExitProcess(0);

	<#
	ImageFileExecutionOptions v1.0
	License: GPLv3
	Author: @netbiosX
	#>
	# Image File Execution Options Injection Persistence Technique
	# https://pentestlab.blog/2020/01/13/persistence-image-file-execution-options-injection/

	function Persist-Debugger

	"""
	Self-contained test for a simple Celery task interaction using an ephemeral MongoDB broker.

	* MongoDB is created using docker with a temporary directory for storage.
	* Celery broker is designated with the above containers random host-port.
	* Celery worker is created using python Multi-process and managed.
	* Triggers a distributed task
	* Stops celery workers
	* Stops mongodb container
	* Removes temp directory.

	Windows Registry Editor Version 5.00
	[HKEY_CURRENT_USER\Software\Microsoft\InputMethod\Settings\CHS]
	"LangBar Force On"=dword:00000000
	"Enable Double Pinyin"=dword:00000001
	"EmoticonTipTriggerCount"=dword:00000001
	"HapLastDownloadTime"=hex(b):eb,69,29,59,00,00,00,00
	"UserDefinedDoublePinyinScheme0"="小鹤双拼2^*iuvdjhcwfg xmlnpbksqszxkrltvyovt"
	"DoublePinyinScheme"=dword:0000000a
	"UDLLastUpdatedTime"="2019-05-08 09:30:00"
	"UDLCount"=dword:0000018b

	<html>
	<body>
	<script>
	const tags = ["a", "abbr", "address", "area", "article", "aside", "audio", "b", "base", "bdi", "bdo", "blockquote", "body", "br", "button", "canvas", "caption", "cite", "code", "col", "colgroup", "data", "datalist", "dd", "del", "details", "dfn", "dialog", "div", "dl", "dt", "em", "embed", "fieldset", "figcaption", "figure", "footer", "form", "h1", "h2", "h3", "h4", "h5", "h6", "head", "header", "hgroup", "hr", "html", "i", "iframe", "img", "input", "ins", "kbd", "keygen", "label", "legend", "li", "link", "main", "map", "mark", "math", "menu", "menuitem", "meta", "meter", "nav", "noscript", "object", "ol", "optgroup", "option", "output", "p", "param", "picture", "pre", "progress", "q", "rb", "rp", "rt", "rtc", "ruby", "s", "samp", "script", "section", "select", "slot", "small", "source", "span", "strong", "style", "sub", "summary", "sup", "svg", "table", "tbody", "td", "template", "textarea", "tfoot", "th", "thead", "time", "title", "tr", "track", "u", "ul", "var", "video", "wbr"]

	package main

	/*
	*
	* This is just a Go implementation of https://github.com/monoxgas/sRDI/
	* Useful if you're trying to generate shellcode for reflective DLL
	* injection in Go, otherwise probably not much use :)
	*
	* The project, shellcode, most comments within this project
	* are all from the original project by @SilentBreakSec's Nick Landers (@monoxgas)

	##
	## HTTP Router benchmarks -- Nov 29, 2020 with Go 1.15.5 on Linux AMD 3950x
	##
	## This benchmark suite is based on https://github.com/julienschmidt/go-http-routing-benchmark
	## using the most up-to-date version of each pkg as of today. Each router has their own
	## pros and cons, so consider the designs of each router to suit your application.
	##
	## NOTE: the memory reports below by the go benchmark tool look quite wrong, as there must
	## be a bug somewhere in the go bench tool with the Go version I'm running. I will re-run
	## with future versions and report back. However, in general you'll want to look at the "ns/op"