TinyPilot: Build a KVM Over IP for Under $100
KVM allows you to view screen, control keyboard mouse of a remote system even before the OS is fully loaded(otherwise you can use VNC or any remote desktop).
But they are usually expensive. In this post the author build thing together, run on a raspberry pi.
An offensive guide to the authorization code grant
Despite a fundamental problem of every application and many best practice. Yet, implementaion of many OAuth still has bug when first rolling out. Even Apple.
NCCGroup developed the desire for a comprehensive and digestible enumeration of security concerns in the OAuth 2.0 Authorization Code flow, from an end-user (or penetration tester)’s external vantage. This post will introduce, break down the observable vulnerabilities, and explain the exploitation of each the following aspects of the Authorization Code flow.
Design Docs at Google
As software engineers our job is not to produce code per se, but rather to solve problems. Unstructured text, like in the form of a design doc, may be the better tool for solving problems early in a project lifecycle
sudo with TouchID and Apple Watch, even inside tmux
TouchID is so convenience. It would be great to make it work with sudo. It useds to have bug when running inside tmux but now they are all fixed.
Worth to look into this if you use a MacBook that supports TouchID or a watch.
Inside a Collaborative Text Editor
The core of online text editor like google doc is Conflict-free replicated data types. This post looks into LOGOOT, an example of CRDT.
Generating UUIDs at scale on the Web
which make collision likely to happen.
DIY Video Hosting
I probably won’t do this soon but it’s good to know what part and piece of a video hosting platform
a live, playable archive of DEF CON CTF challenges
Practice DEF CON CTF absolutely improve your security skill. DEF CON is one of the world’s largest and most notable hacker conventions. Basically this site give you endpoint that has vulnerability that you can try to attack it
Code to read
an online game based on Qwirkle. It’s interesting because both of client and server are written in Rust. The client is compiled to webassembly and have some minimal JS to load WebAssembly
A fast web fuzzer
A set of functions for drawing perfect arrows between points and shapes..Good if you want to know about the magic behind generating smooth curve.
a CLI-based intercepting proxy for TCP connections written in Python without third-party dependencies
a self-hosted, lightweight, and simple (yet functional) comment engine, which doesn’t spy on users. It can be embedded into blogs, articles or any other place where readers add comments.
If you have double key press issue on butterfly Mac keyboard. This small tool will save you.
a cross-platform Redis, Memcached, SSDB, LevelDB, RocksDB, UnQLite, LMDB, UpscaleDB, ForestDB, Pika management tool, also FastoNoSQL is platform for NoSQL databases,
Scale down Kubernetes Deployments, StatefulSets, and/or HorizontalPodAutoscalers during non-work hours.
That's it for this round, have a great day! If you like this newsletter, please tell the world, or
tweet about this