me

My Blog

---

 

Penetration Testing

---

1. Sql-Injection - SQL injection (bahasa indonesia)

   • Jangan berpatokan pada SQLmap saja, anda harus bisa custome payload sendiri khusus untuk serangan ini .

 

Secure Code

---

1. secure-code-hardcode-cred - Hardcode Credential

   • The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

 

SAST

---

1. build-security-code-scanner-rule - Semgrep

   • Semgrep is a fast, open-source, static analysis tool for finding bugs and enforcing code standards at editor, commit, and CI time.

2. Semgrep-in-CI/CD - Semgrep-ci

   • Semgrep is a fast, open-source, static analysis tool for finding bugs and enforcing code standards at editor, commit, and CI time.

 

DEBUGGING

---

1. fuzzing-go-fuzz - go-fuzz

   • Breaking evertything with random input a.k.a Fuzzing

2. fuzzing - Fuzzing a.k.a The Powerfull Testing

   • F-U-Z-Z-I-N-G (bahasa indonesia)

 

THREAT INTELLIGENCE

---

1. find-c2 - c2-detection

   • Scanning with JARM provides the ability to identify and group malicious servers on the Internet.

 

DWM

---

1. fixing-size-dwm - fixing java desktop in DWM

   • Fixing Java Size in DWM.