bg_image
header

Stub

A "stub" is a term used in software development to refer to an incomplete part of a software or a function. Stubs are often used as placeholders to simulate or represent a specific functionality while it's not fully implemented yet. They can be used in various stages of development, such as early planning or during the integration of different parts of software. Stubs help developers to test or develop parts of software without having all dependent components available yet.

 


Created 8 Months ago

Mock

A "mock" is a term in software development that refers to a technique where a simulated object or module is created to mimic the behavior of a real component. Mocks are commonly used in testing environments, particularly in unit tests.

Here are some key points about mocks:

  1. Simulating Dependencies: In a typical software application, modules or objects may depend on each other. However, when you want to test a component in isolation without being influenced by other dependent components, you can use mock objects to simulate the behavior of these other components.

  2. Simple Implementation: Mocks are often simple placeholders or stubs used to mimic specific functions or methods. They are specifically designed for testing purposes and often contain predefined behaviors to simulate certain scenarios.

  3. Control Over Testing Environment: By using mocks, developers can have better control over the testing environment and simulate specific conditions or edge cases more easily. This increases the predictability and reproducibility of tests.

  4. Reducing External Dependencies: Using mocks can help avoid or reduce external dependencies, such as databases or APIs, increasing test speed and making tests more independent.

Mocks are an important tool in a software developer's toolkit, especially when it comes to writing tests that are robust, maintainable, and independent of each other.

 


Created 8 Months ago

CSRF Token

A CSRF token (Cross-Site Request Forgery token) is a security measure used to prevent Cross-Site Request Forgery (CSRF) attacks. CSRF is a type of attack where an attacker tricks a user into performing unwanted actions in a web application while the user is already logged into the application.

The CSRF token is a randomly generated value assigned to each user during their session. This token is typically used in the form of a hidden field in web forms or as part of URL parameters in AJAX requests. When the user performs an action, the web application checks if the submitted CSRF token matches the expected token. If the tokens match, the request is considered legitimate and processed. Otherwise, the request is rejected.

By using CSRF tokens, web applications can ensure that the actions performed originate from the authorized user and not from an attacker attempting to exploit a user's session. This helps to maintain the integrity and security of the application.

 


Created 8 Months ago

Web Application Firewall - WAF

A web application firewall (WAF) is a security solution that has been specially developed to protect web applications. It monitors traffic between web browsers and web applications to detect and block potentially harmful or unwanted activity. Essentially, a WAF acts as a shield that protects web applications from a variety of attacks, including

  1. SQL injection: an attack technique where attackers inject malicious SQL queries to access or manipulate the database.
  2. Cross-site scripting (XSS): An attack method where attackers inject scripts into websites to compromise users, such as by stealing session cookies or performing malicious actions on the user's behalf.
  3. Cross-site request forgery (CSRF): An attack in which an attacker makes a fraudulent request on behalf of an authenticated user to perform unwanted actions.
  4. Brute force attacks: Repeated attempts to log into a system using stolen or guessed credentials.
  5. Distributed Denial of Service (DDoS): Attacks in which a large number of requests are sent to a web application in order to overload it and make it inaccessible.

    A WAF analyzes HTTP and HTTPS traffic and applies specific rules and filters to identify and block suspicious activity. It can be implemented both at server level and as a cloud-based solution and is an important part of a comprehensive security strategy for web applications.

Created 8 Months ago

Browser Exploit Against SSL TLS - BEAST

BEAST (Browser Exploit Against SSL/TLS) was a security vulnerability discovered in September 2011. This vulnerability primarily affected the TLS (Transport Layer Security) protocol, specifically the Cipher Block Chaining (CBC) encryption mode in conjunction with the SSLv3 and TLS 1.0 protocols.

BEAST allowed an attacker to eavesdrop on and decrypt encrypted traffic between a web browser and a server. This was achieved by exploiting a weakness in the way CBC encryption was implemented in SSL/TLS.

To protect against BEAST attacks, it was recommended to upgrade to newer versions of TLS and to use alternative encryption methods that were not vulnerable to this weakness. Many web servers and browsers also implemented patches to mitigate the impact of BEAST.

 


Created 9 Months ago

Padding Oracle On Downgraded Legacy Encryption - POODLE

POODLE (Padding Oracle On Downgraded Legacy Encryption) was a security vulnerability in the SSLv3 (Secure Sockets Layer version 3) encryption protocol, discovered in October 2014. This vulnerability allowed an attacker to eavesdrop on and manipulate encrypted traffic between a web browser and a server. The attack exploited a weakness in the way SSLv3 processed blocks of encrypted data with padding. By exploiting this vulnerability, an attacker could, under certain circumstances, steal sensitive information such as cookies.

Due to the severity of the vulnerability, security experts recommended disabling the use of SSLv3 and upgrading to newer and more secure encryption protocols such as TLS (Transport Layer Security). Many web servers and browsers removed or disabled SSLv3 support to protect against POODLE attacks.

 


Created 9 Months ago

JSON Web Token - JWT

A JSON Web Token (JWT) is a compact, secure, and self-describing format for exchanging information between parties. It consists of a JSON structure that has three parts: the header, the payload, and the signature.

  1. Header: The header contains metadata about the type of the token and the signature algorithm used.

  2. Payload: The payload contains the actual claims or information carried by the token. These claims can include user data, roles, permissions, etc.

  3. Signature: The signature is used to ensure that the token has not been tampered with. It is created by signing the header, payload, and a secret key (known only to the issuer of the token).

JWTs are commonly used for authentication and authorization in web applications. For example, they can be used to authenticate users after login and grant them access to specific resources by being stored in HTTP headers or HTTP cookies and exchanged between the client and the server.


Created 9 Months ago

Active Server Pages - ASP

ASP stands for "Active Server Pages" and is a technology developed by Microsoft for creating dynamic web pages and web applications. It allows developers to create web pages that are dynamically generated on the server side by using scripting languages such as VBScript or JScript.

With ASP, developers can embed server-side scripts directly into HTML documents, allowing them to easily incorporate dynamic content such as database queries, user interactions, and conditional statements. ASP pages typically have the file extension ".asp".

A key component of ASP is the use of ActiveX Data Objects (ADO), which enables developers to access databases to generate dynamic content. This facilitates the development of interactive web applications with database support.

While ASP is still used by some companies, it has largely been superseded by ASP.NET, a more modern and powerful technology for web development from Microsoft. ASP.NET offers improved performance, security, and functionality compared to classic ASP.

 


Created 9 Months ago

Lighttpd

Lighttpd (pronounced "Lighty") is an open-source web server known for its lightweight, fast, and efficient nature. It's designed to provide a slim and powerful web server that remains stable and reliable even under high loads.

Some key features of Lighttpd include:

  1. Lightweight: Lighttpd is known for its low resource usage compared to other web servers like Apache. This makes it particularly well-suited for environments with limited resources or for use on low-powered devices.

  2. High speed: Lighttpd is engineered to serve web content quickly and efficiently. Its architecture and optimized implementation allow it to perform well even under heavy loads.

  3. Flexibility: Lighttpd supports various features and modules, including support for FastCGI, SCGI, CGI, proxying, SSL, and more. This versatility makes it adaptable to various requirements.

  4. Security: Lighttpd prioritizes security and offers features such as SSL/TLS support, URL and access control rules, as well as protection against known security vulnerabilities.

  5. Simple configuration: Lighttpd's configuration is done through a simple and clear configuration file. This makes it easy to configure and customize the web server, even for users with little experience.

Due to its characteristics, Lighttpd is often used for applications that require high performance, scalability, and efficiency, such as high-traffic websites, content delivery networks (CDNs), streaming media servers, and more.

 


Created 9 Months ago

FastCGI

FastCGI is a protocol developed to enhance the performance of Common Gateway Interface (CGI) scripts, particularly in high-traffic web environments. Compared to traditional CGI, FastCGI provides a more efficient way for web servers to interact with external applications or scripts to generate dynamic content.

Essentially, FastCGI works by using a process pool to manage the execution of scripts. Unlike CGI, where a new process is started for each request, FastCGI keeps a group of processes running persistently, waiting for requests. This reduces the overhead costs of starting and terminating processes and leads to an overall faster and more efficient processing of web requests.

FastCGI also provides the ability to transfer data efficiently between the web server and external applications, further enhancing performance. Additionally, FastCGI supports features like multiplexing, where multiple requests can be processed simultaneously over a single connection, improving scalability.

Due to its performance advantages, FastCGI is often used in conjunction with web servers such as Apache, Nginx, and Lighttpd to efficiently serve dynamic web content. It is a key technology in web development, especially for high-traffic websites and web applications.

 


Created 9 Months ago
Categories
Object-oriented programming 25 Applications 53 Design Patterns 20 Strategies 105 Continuous Integration - CI 2 Testing 9 Characteristic 44 Protocols 12 Communication 9 Data Structure 5 Version Control 6
PHP 49 Python 2 Ruby 1 TypeScript 3 JavaScript 16 Erlang 2 Java 3 General 3 Python 0
NoSQL 9 Relational Databases 16 Concepts 4 General 5 Data Warehouse 2 Time Series Databases 1 Data Types 1
Terraform 1 Cloud Computing 11 Server 4 Network 26 Virtualization 3 Ansible 1 Architecture 7 Characteristics 2
Cascading Style Sheets - CSS 3 Leaner Style Sheets - LESS 1 Syntactically Awesome Stylesheets - Sass 1
Attack Methods 17 Security Mechanisms 11 Organisations 1 Famous Security Loopholes 3
HTML 3 XML 4 Extensible Hypertext Markup Language - XHTML 1 Markdown 1
CSS 1
Kuenstliche Intelligenz 5
SCRUM 5 General 1 Kanban 1 Extreme Programming - XP 1 Crystal 5 Dynamic Systems Development Method - DSDM 1 Feature Driven Development - FDD 1
Applications 2
Characteristics 3 Strategies 2 Applications 2
Tags
Revision Control 24 Number of entries with this tag Uniform Resource Name - URN 2 Number of entries with this tag Cyclomatic Complexity 1 Number of entries with this tag Firewall 2 Number of entries with this tag Command Line Interface - CLI 2 Number of entries with this tag Protobuf 2 Number of entries with this tag Object-Relational Mapper - ORM 3 Number of entries with this tag Microsoft 9 Number of entries with this tag Proprietary Software 1 Number of entries with this tag Framework 58 Number of entries with this tag Static Site Generator - SSG 2 Number of entries with this tag Server Side Includes - SSI 1 Number of entries with this tag Backlink 1 Number of entries with this tag Stub 2 Number of entries with this tag Session Layer - OSI Layer 5 3 Number of entries with this tag
Latest Article

Strapi

in Category

DevelopmentProgramming LanguagesJavaScript

Created 9 Hours 41 Minutes ago
Random Article

Application Programming Interface - API

in Category

DevelopmentPrinciplesApplications

Created 1 Year ago
Random Tech

Bootstrap

Bootstrap_logo.svg.png