msdundar.github.io - Blog of Serhat M. Dündar | Ruby, Rails, Golang, PostgreSQL, AWS, Security

Description: A blog-like personal notebook. Here I post things that I would like to visit and read later.

security (10067) go (2096) aws (1425) ruby (1286) golang (682) rails (613) postgresql (413)

Example domain paragraphs

Go runtimes in AWS Lambda

Introduction

AL2 runtimes and migrating from AL1 to AL2 for NodeJS, Python, Ruby, and .NET are pretty straightforward. The only exception is Go. Things are a bit cumbersome there, as a custom runtime named provided.al2 comes into play. At the time of this writing, the following runtimes are provided by AWS:

Name | Identifier | Operating system | Architectures
Node.js 18 | nodejs18.x | Amazon Linux 2 | x86_64, arm64
Node.js 16 | nodejs16.x

In this post, I will focus on the rationale behind some popular webhook security methods and will try to explain them in simple terms.

1. Basic Risks and Measures

1.1. Webhooks can be set to leak data silently

Let’s assume you are a webhook provider and an attacker compromises the credentials of one of your clients. If your platform doesn’t notify users when a webhook is created or updated, the attacker can create a webhook silently and start leaking data without alerting anyone....

Checking SSL certificates in a browser is easy. Just click the green lock icon and you’re good to go. But what about doing the same in a more hacker way? This is where openssl comes into play. Let’s start by checking the SSL certificate of this website:

    openssl s_client -connect www.serhatdundar.com:443

    depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert High Assurance EV Root CA
    depth=1 C = US, O = DigiCert Inc, OU = www....