SHARING IS CARING.
Here are some things we want to share with you and the world.
AutoPentest-DRL – Automated Penetration Testing Using Deep Reinforcement Learning
AutoPentest-DRL is an automated penetration testing framework based on Deep Reinforcement Learning (DRL) techniques. The framework determines the most appropriate attack path for a given network, and can be used to execute a simulated attack on that network via penetration testing tools, such as Metasploit. AutoPentest-DRL is being developed by the Cyber Range Organization and Design (CROND) NEC-endowed chair at the Japan Advanced Institute of Science and Technology (JAIST) in Ishikawa, Japan. An overview of AutoPentest-DRL is shown below. The framework can use network scanning tools, such as Nmap, to find in the target network; otherwise, user input is employed instead. The MulVAL attack-graph generator is used to determine potential attack trees, which are then fed in a simplified form into the DQN Decision Engine. The attack path that is produced as output can be fed into penetration testing tools, such as Metasploit, to conduct an attack on a real target network, or used with a logical network instead, for example for educational purposes. In addition, a topology generation algorithm is used to produce multiple network topologies that are used to train the DQN. Next we provide brief information on how to setup and use AutoPentest-DRL. For details, please refer to the User Guide that we also make available. Prerequisites Several external tools are needed in order to use AutoPentest-DRL, as follows: Nmap: Network scanner used by AutoPentest-DRL to determine vulnerabilities in a given real network. The command needed to install nmap on Ubuntu is given below: sudo apt-get install nmap Setup AutoPentest-DRL has been developed mainly on the Ubuntu 18.04 LTS operating system; other OSes may work, but...
Running .NET Core on Docker
It’s a new era for Microsoft and for .NET, and that is not an overstatement. If you haven’t been following, here are some of the things that happened over the last year: .NET Framework and C# language has been open-sourced and is now being developed in the open on GitHub .NET now officially runs on Windows, Linux, Mac OS X, iOS, Android and you can get full development experience on any OS too Microsoft is bringing native Linux experience into Windows And with the new .NET Foundation the whole ecosystem is not even owned by Microsoft anymore.Putting all of this together you get a full experience where you can develop with C# on either Windows or Mac, use proper command-line UNIX-based developer tools even on Windows, and happily deploy to Linux servers. Basically .NET/C# has overtaken Java as the true cross-platform development ecosystem. Plan In order to get experience with the new toys, I’ve come up with the following plan: Create a “hello world” web service using .NET Core and C# on Mac Run it in docker Deploy it to AWS container service Let’s get our hands dirty… Step 1: Set up .NET Core So I decided to use Mac OSX rather than Windows to make it more interesting (plus it will make life easier when trying to run docker). Installing .NET is super easy just following the steps here .NET Core installation steps That gives you dotnet command line tool which you can use to create, build, run projects without any IDE. Here is how you create and run a new “Hello World” console app: Visual Studio Code...
10 Awesome Github Repos Every Web Developer Should Know – DEV
I have collected ten great repositories you can find on GitHub that will definitely give you an instant knowledge boost. 1. Awesome Awesome is, without a doubt, the most popular repo that curates all topics from software development to hardware to business. It has more than 123,000 stars on Github at this moment, and one could spend days (nights) browsing it. It is my one-stop-shop if I want to learn something new. 2. List of (Advanced) JavaScript Questions This repository (13,000 stars) created by Lydia Hallie (great person, by the way, check her out on Instagram!) is awesome if you want to test your JavaScript knowledge and/or prepare for a job interview. Lydia constantly adds new questions, so this repo is growing steadily! 3. JavaScript Algorithms and Data Structures JavaScript Algorithms (59,500 stars) contains a tremendous amount of JavaScript-based examples of popular and less popular algorithms and data structures. The structure is really nice because the examples are labeled either beginner or advanced. So whether you are interested in cryptography, sorting, graphs or even machine learning (and much more), there will be something for you. 4. Clean Code JavaScript Knowing how to write clean code is a useful skill for almost every developer and mandatory in many projects and corporations. This repository (28,400 Stars) takes the concepts of Clean Code by Robert C. Martin and adapts them for JavaScript so you can use them in future work. 5. free-for.dev This great repository (30,000 stars) was created to helping developers find software (SaaS, PaaS, IaaS) and similar offerings that have free tiers. Using great software for free? Sounds awesome! There...
Speed up relationship queries in Laravel • Ben Sampson • Web designer and developer
Adding indexes to your database tables is a great way to get some extra performance out of your application, especially if you have a large amount of data in your tables. They should be used sparingly and only on identified slow queries, as they have implications of their own such as increased table size and increased RAM usage. But those potential drawbacks are well worth it when you can get a query down from 3 seconds to 15 milliseconds with 5 minutes of work. The effects are particularly noticeable on polymorphic / many to many polymorphic relationships. The type of index created depends largely on the relationship type and the content structure. Creating indexes in Laravel Adding indexes to your tables in Laravel is very straightforward. In your migrations you can add: See the Laravel documentation on indexes for more info. One to one / one to many relationships One to one and one to many relationships primarily work through foreign keys. Say we have 2 tables, users and addresses, where each user can have one address (one to one), the foreign key would be the user_id column on the addresses table. The same can be said for if a user can have multiple addresses (one to many). For each of your foreign keys in your migration, you should let your database know that they are indeed foreign keys: You also get some extra benefits out of this by using foreign key constraints which will ensure data integrity, i.e. making sure you don’t delete a profile which is being used by a user. By default, MySQL using the InnoDB...
React Native for long-term mobile app development – Accedia
React Native has been one of the groundbreaking players in the hybrid development game. Since its inception back in 2015, the technology has come a long way. My professional experience in developing mobile apps with React Native started two years ago and since then I’ve worked on a number of projects using the framework – from MVPs to legacy applications. While the former was just about utilizing rapid prototyping, the latter required the implementation of many functionalities – payment integrations, GPS fore-/background tracking, unit and e2e tests. Based on my experience with React Native and the multitude of articles and information about the technology’s redeeming qualities, this article investigates the technology’s shortcomings that both businesses and developers need to be aware of. Key Advantages of React Native Before diving deep into the challenges, let us look at the major pros for choosing React Native for your mobile project: When I initially started working with React Native, I had the impression that it is too good to be true. The mobile technology does work exactly as advertised, but this does come at a price in the mid/long term. The cons of using React Native are not as clear from the get-go. That is why the following paragraphs are going to elaborate on why React Native requires more scrutiny when considering it as a possible route for your next project. React Native Limitations Understanding the limitations of React Native before you start developing your mobile app is extremely important. Read on to learn the challenges I have faced and how I dealt with them. Dynamic typing Javascript’s dynamic style of typing...
Sen. Hwang Calls For CT Cyber Security Task Force
HARTFORD, CT – Following the devastating and debilitating cyber-attack of United States energy infrastructure and Connecticut Department of Motor Vehicles (DMV) functions raised alarming concern about national and state preparedness against online and computer sabotage. The recent report from the U.S. Secretary of Energy on the shut down and eventual reopening of the Colonial Pipeline that provides critical oil resources for the national economy, Sen. Tony Hwang (R-28) offers the following statement on the hacking and shutdown of the pipeline and the looming potential of future attacks. “The hacking of the Colonial pipeline presents an existing and pervasive vulnerability in our national cybersecurity. These kinds of demonstrated threats have to be taken seriously. It is jarring that an internet-based attack from unknown hackers or even more dangerous potential terrorist acts can make such a major impact on access to vital resources critical to our national security and economic functionality. “What could be next? Military Contractors? Utility Companies? Banking information? Personal financial information? Individuals’ medical data? With so much more happening and dependent on the internet and cybertechnology, there is too much at stake. “In 2019, as the ranking Senate leader in the Public Safety Committee, I proposed Senate Bill 709 to create a task force dedicated to a comprehensive and cooperative approach to cybersecurity 1) within and across state government including military, judicial and administrative services, 2) through relationships with neighboring states and with the federal government, 3) in coordination with the corporate community and broader business sector, and 4) to protect individual data privacy and application security for Connecticut residents. “This is an absolutely critical issue for the State of Connecticut and...
Building Android Apps Using React Native: Key Benefits and Challenges to Know
There were developers who always harboured doubts and scepticism about the cross-platform development frameworks. There was a time when any iOS and Android app development company used to underestimate the power of cross-platform technologies and instead always held native development in high esteem. All such notions have changed thanks to this robust and most developer-friendly framework called React Native. Now, a React Native developer with exposure across niche apps experiences more demand than native developers. This is because the framework really transformed the way we conceive cross-platform app development. Obviously, the framework has its own share of pros and cons as well. For developing Android apps the framework boasts of some peculiarities that need to be taken into consideration. As a cross-platform developer, you need to have a clear idea of the pros and cons of this framework for building applications on React Native platform. Let us have a look at them in brief before moving over to the reasons to use this framework in more details. -> Pros React Native is a leading cross-platform development framework with a lot of competitive advantages for the developers and the overall app quality. Before you hire android app developer for your next development project, it is important to be aware of the crucial advantages of React Native framework. Here are some of the key pros that go in favour of React Native. React Native comes with the lowest learning curve and this helps in faster development and time to market apart from the cost advantage through low-cost hiring of developers. React Native offers great reusability of the code for building apps...
Big Data Powers Design of ‘Smart’ Cell Therapies for Cancer | UC San Francisco
Finding medicines that can kill cancer cells while leaving normal tissue unscathed is a Holy Grail of oncology research. In two new papers, scientists at UC San Francisco and Princeton University present complementary strategies to crack this problem with “smart” cell therapies – living medicines that remain inert unless triggered by combinations of proteins that only ever appear together in cancer cells. Biological aspects of this general approach have been explored for several years in the laboratory of Wendell Lim, PhD, and colleagues in the UCSF Cell Design Initiative and National Cancer Institute-sponsored Center for Synthetic Immunology. But the new work adds a powerful new dimension to this work by combining cutting-edge therapeutic cell engineering with advanced computational methods. For one paper, published Sept. 23, 2020, in s, members of Lim’s lab joined forces with the research group of computer scientist Olga G. Troyanskaya, PhD, of Princeton’s Lewis-Sigler Institute for Integrative Genomics and the Simons Foundation’s Flatiron Institute. Using a machine learning approach, the team analyzed massive databases of thousands of proteins found in both cancer and normal cells. They then combed through millions of possible protein combinations to assemble a catalog of combinations that could be used to precisely target only cancer cells while leaving normal ones alone. In another paper, published in Science on Nov. 27, 2020, Lim and colleagues then showed how this computationally derived protein data could be put to use to drive the design of effective and highly selective cell therapies for cancer. “Currently, most cancer treatments, including CAR T cells, are told ‘block this,’ or ‘kill this,’” said Lim, also professor and chair...
6 Tips About Data Seeding in Laravel – Laravel Daily
Laravel migration mechanism has a great function of seeding data. In this article, I will show random tips from my own experience, how to use seeding in real-life cases. Tip 1. Use updateOrCreate() to avoid double-seeding Imagine this seeder code, and imagine if for some reason this seeder would be launched more than once: Second attempt to run seeder would probably fail because of conflicting IDs. In other scenario, if you don’t specify IDs, then you may end up with too much data in the table, with repeating entries. To avoid that, do this: Some more details in my other article. Tip 2. Run only one Seeder class Some time ago I was quite surprised by how many people don’t know that you can specify a seeder class when running php artisan db:seed. This command above will launch everything listed in DatabaseSeeder.php file. But you can limit the launch to one exact seeder: Tip 3. Run Seeder Class From Migration Quite often you need to create a new DB table and immediately seed it with some data. But in production environment you can’t just run “artisan db:seed”, especially if you have automated deployment setup which involves only “artisan migrate” command. The trick is to launch a specific seeder from migration file itself. Tip 4. Seeder Factory with Relationship: Use Parent’s Factory If you use Factories for your seeds, how do you set up relationships between two models? For example, you need to seed 10 companies and 10 contacts within those companies? Here’s how database/factories/CompanyFactory.php may look like: See how company_id field is filled in? With another factory. There’s also another, perhaps...8 Hurdles Startups Face in the Way Of Mobile App Development
This guest column is by Prateek Saxena, Managing Director, AppInventiv Mobile app development has become the most crucial task, which has a direct impact on setting up of different companies as a startup, and also regarding their marketing and popularity. Of course, nobody wants an insipid and monotonous app which is identical to other apps in the market. Here I am going to present the voyage mobile app developer goes through. In the current scenario, as a technical or nontechnical startup founder, if you are thinking about developing a mobile application think again! According to a report from WMC forum, just in October 2012, there were 43813 new apps launched in iOS app store alone i.e. 1400 new apps per day. Can you imagine where those numbers could reach if you include Android app store as well in 2016? But many of them were completely fiasco. Developing a mobile app is a herculean task. Even to reach the app store you have to cross so many hurdles. Here are some unfeasible challenges faced by mobile app developer as a startup founder. 1. App Discovery The fundamental aim of developing an app is to make life simple, productive and pleasant. Keeping it in mind, creating an app which gets noticed is a grueling task. There are a way more good apps than there are successful ones, and that’s because many of the good ones don’t get investment. App discovery is extremely concerned with who are your users, what type of service they are expecting, their financial background and many others factors. Make sure while choosing developer team, it must be...
How to Fail as a Web Developer
By Matt Huntington Three months into my first job out of college, as a web developer at a financial reporting company, I wiped out every single one of my company’s client records in one command. I had uploaded a script meant to eliminate one client, but quickly realized that it removed all of them and I couldn’t get the records back. (This was in the early 2000s, when it was less common to work locally before sending code to your live website.) I went into full-on crisis mode and started getting my resume ready, resigned to the fact that I was going to be fired. I was even Googling to see if I could be sued for what I had done. As a web developer, you’re going to fail — often, and sometimes in huge ways — whether you’re a newbie or a veteran. Thankfully, a tech manager saved the day by telling me about the company’s nightly database backup and we quickly fixed most of the problem. But until that moment, I was sweating bullets.As a web developer, you’re going to fail — often, and sometimes in huge ways — whether you’re a newbie or a veteran (for example, see this recent mishap at Amazon’s web hosting service S3, in which a typo took down massive services like Trello and Quora). But messing up doesn’t have to be stressful. In fact, when it does happen, staying calm is key because panic can cloud your judgement and force you to make rash decisions.If you understand how to diagnose a problem, learn from your mistakes, and remember that this happens...
Colonial Pipeline sought a cyber-security manager months before hack
What happened in the Colonial Pipeline ransomware attack Colonial Pipeline, the operator of a major pipeline system that transports fuel across the East Coast said it had been victimized by a ransomware attack and had halted all pipeline operations to deal with the threat. It may seem too late to fill the position now, but Colonial Pipeline, the target of the biggest pipeline hack in history, began searching for a cyber-security manager nearly two months ago. Colonial Pipeline, a Georgia-based oil company, sought someone to manage a team of security experts in order to “develop, validate and maintain an incident response plan and processes to address potential threats.” Job requirements included a bachelor’s degree in computer science, information security or a related field, according to an on Colonial’s website. The job posting also appeared on search sites such as Indeed, ZipRecruiter and GlassDoor. A spokesperson for the company told FOX Business that the position – which has been open for more than 30 days – was not created as a result of the ransomware attack and is part of a broader initiative by the company to “continue building our current cybersecurity team.” “We have several positions open as part of our longer-term growth strategy around talent, as we are constantly recruiting top-tier talent across all functional areas of our business,” the spokesperson added. The ransomware attack crippled North America’s biggest fuel pipeline late last week, cutting off almost half of the gasoline and diesel burned on the nation’s East Coast. Gas stations across several states have run out of fuel amid panic-buying and a lack of supplies. The average...
Is now the time to consider a PWA for your Magento website? | Wise – web-development – Drupal, Magento, Symfony, AngularJS
Often enough, mobile devices now account for 40-70% of all online traffic. Yet, users still have significantly lower conversion rates for mobile devices. There are two main factors that lead to low conversion rates are website convenience in terms of user interaction and performance which means load times of web content on your mobile device. Quite a new technology PWA is increasingly common in discussion of possible solutions for improving a website load time, along with more powerful servers, caching systems and clouds. To improve the customer experience for online shoppers, the native applications are frequently used. PWA, in turn, brings almost all advantages of a native mobile app to the web. Many are now talking about PWA as a business milestone, that is setting the new standards for E-commerce best practices. So, initially, we have the challenge to understand – what exactly PWA (Progressive Web Application) is and what this technology can offer for the store owners and the online shoppers. Progressive Web Applications (PWAs) are web applications that load like regular web pages or websites but can offer the user functionality such as working offline, push notifications, and device hardware access traditionally available only to native Mobile applications. PWAs combine the flexibility of the website with the experience of a native Mobile application. And perhaps this could be the most important advantage from your client’s point of view – PWA delivers an app-like experience, without the need to go through device-specific App Store or Google Play and go through an installation procedure. It can essentially be installed into a user’s mobile home screen from the web to...
A Guide to Automating & Scraping the Web with JavaScript (Chrome + Puppeteer + Node JS)
Udemy Black Friday Sale — Thousands of Web Development & Software Development courses are on sale for only $10 for a limited time! Full details and course recommendations can be found here. What Will We Learn? In this tutorial you’ll learn how to automate and scrape the web with JavaScript. To do this, we’ll use Puppeteer. Puppeteer is a Node library API that allows us to control headless Chrome. Headless Chrome is a way to run the Chrome Browser without actually running Chrome. If none of that makes any sense, all you really need to know is that we’ll be writing JavaScript code that will automate Google Chrome. Before Starting Before starting you’ll need to have Node 8+ installed on your computer. You can install it here . Make sure to choose the “Current” version as it is 8+.If you’ve never worked with Node before and want to learn, check out: Learn Node JS — The 3 Best Online Node JS Courses .Once you have Node installed, create a new project folder and install Puppeteer. Puppeteer comes with a recent version of Chromium that is guaranteed to work with the API: npm install --save puppeteer Example #1 — Taking a Screenshot Once you have Puppeteer installed, we’re going to walk through a simple example first. This example is straight from the Puppeteer documentation (with minor changes). The code we’ll walkthrough will take a screenshot of any website you tell it to.To start out, create a file named test.js and copy in the below code:Let’s walk through this example line by line. Line 1: We require our Puppeteer dependency that...
What are the Main Reasons that iOS Mobile App Development Earns Higher Revenues from AppStore?
Here we are discussing the main factors that make iOS mobile app development higher revenue generating from AppStore because the utilization of Smartphones in today’s era has extremely expanded. Today, all Smartphones and handheld devices are made good in web capacities; which has prompted the development of various mobile applications. With the arrival of Smartphones every day, the operating system is additionally ad improvised and redesigned. The Internet has empowered individuals to be associated with various working applications like online shopping, Google locations, playing games and many more. is an industry that is becoming quick on the grounds which Smartphones have turned into an essential need in day to day lives of a huge number of individuals around the globe. Anyway, all-inclusive, android has commanded the mobile application industry with a huge rate. This is on the grounds that android offers developers diverse developing opportunity and in addition empower clients to appreciate different features that accompany its operating system. Despite the fact that, a few people still lean toward the iOS platforms in view of the utilization of iPhones, iPads and other Apple devices. There are distinctive reasons that individuals incline toward utilizing the to Android devices. This is the reason for which the global mobile application development market is dominated by the . Here is a Portion of These Purposes behind the Selection of iOS-Based Mobile Application Development User Experience: The User experience is constantly given precedence and priority, for it enables its customer to remain steadfast. The operating system of all Apple devices is one that most developers incline toward. Creates Higher App Revenue: Aside from customer...
UCF Offers New Master’s Program in Cyber Security and Privacy
A new master’s degree in cyber-security and privacy will be offered beginning this fall at UCF, designed to train professionals who can protect and defend computer systems, networks and organizations from costly cyber attacks. The recent ransomware attack that crippled a southeast regional gasoline supply line has called attention to the impact and cost that cyber breaches have on daily life, and illustrates the nation’s critical need for cybersecurity and defense professionals. The number of cyber attacks and data breaches is increasing, costing the U.S. economy more than $110 billion annually according to national estimates, while thousands of cyberdefense jobs remain unfilled. In Florida alone, more than 21,000 cybersecurity jobs are currently available. Nationally, cyber jobs — such as information security analysts — are expected to grow 31% in 10 years, according to the Bureau of Labor Statistics, and the average salary is $103,190. Yan Solihin, the Charles N. Millican Professor of Computer Science, says that the attacks are increasing partly because of the proliferation of connected and networked devices such as smart cars, smart appliances and the “Internet of Things,” and partly because the nation cannot produce skilled cybersecurity professionals fast enough. “We live in a dangerous world and cyber attacks, such as ransomware and phishing, are increasing,” says Solihin. “Hackers are looking at all of the infrastructure that we have. They will keep probing for vulnerabilities which are often found in organizations that do not have enough trained professionals to provide oversight, protection and defense measures.” By offering a master’s degree in cyber security and privacy, Solihin says, UCF is doing its part to produce the talent...
