Sec-88
  • πŸ§‘Whoami
  • πŸ•ΈοΈWeb-AppSec
    • Features Abuse
      • 2FA
      • Ban Feature
      • CAPTCHA
      • Commenting
      • Contact us
      • File-Upload
      • Inviting Feature
      • Messaging Features
      • Money-Related Features
      • Newsletter
      • Profile - Settings
      • Registration
      • Reset Password
      • Review
      • Rich Editor/Text
      • Social Sharing
      • Billing-Shipping Address Management
      • Integrations - Webhooks
      • API Key Management
    • Reconnaissance
      • Attacking Organizations with big scopes
    • Subdomain Enumeration
    • Fingerprinting
    • Dorking
    • XSS-HTML Injection
    • Improper Authentication
      • JWT Security
    • OAUTH Misconfigurations
      • OAuth 2.0 Basics
      • OAUTH Misconfigurations
    • Auth0 Misconfigurations
    • Broken Access Control
      • Insecure Direct Object References (IDOR)
      • 403 Bypass
    • Broken Link Injection
    • Command Injection
    • CORS
    • CRLF
    • CSRF
    • Host Header Attacks
    • HTTP request smuggling
    • JSON Request Testing
    • LFI
      • LFI to RCE
    • No Rate Limit
    • Parameters Manual Testing
    • Open Redirect
    • Registration & Takeover Bugs
    • Remote Code Execution (RCE)
    • Session Fixation
    • SQL Injection
      • SQL To RCE
    • SSRF
    • SSTI
    • Subdomain Takeover
    • Web Caching Vulnerabilities
    • WebSockets
    • XXE
      • XXE to RCE
    • Cookie Based Attacks
    • CMS
      • AEM [Adobe CMS]
    • XSSI (Cross Site Script Inclusion)
    • NoSQL injection
    • Local VS Remote Session Fixation
    • Protection
      • Security Mechanisms for Websites
      • Cookie Flags
      • SameSite Cookie Restrictions
      • Same-origin policy (SOP)
      • CSP
    • Hacking IIS Applications
    • Dependency Confusion
    • Attacking Secondary Context
    • Hacking Web Sockets
    • IDN Homograph Attack
    • DNS Rebinding Attack
    • LLM Hacking Checklist
    • Bypass URL Filtration
    • Cross-Site Path Traversal (CSPT)
    • PostMessage Security
    • Prototype Pollution
      • Client-Side Prototype Pollution
      • Server-Side prototype pollution
    • Tools-Extensions-Bookmarks
    • WAF Bypassing Techniques
    • SSL/TLS Certificate Lifecycle
    • Serialization in .NET
    • Client-Side Attacks
      • JavaScript Analysis
    • Bug Bounty Platforms/Programs
    • DNS Dangling / NS Takeover
  • βœ‰οΈAPI-Sec
    • GraphQL API Security Testing
      • The Basics
      • GraphQL Communication
      • Setting Up a Vulnerable GraphQL Server
      • GraphQL Hacking Tools
      • GraphQL Attack Surface
      • RECONNAISSANCE
      • GraphQL DOS
      • Information Disclosure
      • AUTHENTICATION AND AUTHORIZATION BYPASSES
      • Injection Vulnerabilities in GraphQL
      • REQUEST FORGERY AND HIJACKING
      • VULNERABILITIES, REPORTS AND EXPLOITS
      • GraphQL Hacking Checklist
    • API Recon
    • API Token Attacks
    • Broken Object Level Authorization (BOLA)
    • Broken Authentication
    • Evasive Maneuvers
    • Improper Assets Management
    • Mass Assignment Attacks
    • SSRF
    • Injection Vulnerabilities
    • Excessive Data Exposure
    • OWASP API TOP 10 MindMap
    • Scanning APIs with OWASP ZAP
  • πŸ“±Android-AppSec
    • Setup Android App Pentesting environment on Arch
    • Setup Android App Pentesting environment on Mac M4
    • Setup Android Pentesting Environment on Debian Linux
    • Android App Fundamentals
      • Android Architecture
      • Android Security Model
      • Android App Components
        • Intents
        • Pending Intents
    • Android App Components Security Cheatsheet
    • Android App Pentesting Checklist
    • How To Get APK file for application
    • ADB Commands
    • APK structure
    • Android Permissions
    • Exported Activity Hacking
    • BroadcastReceiver Hacking
    • Content Provider Hacking
    • Signing the APK
    • Reverse Engineering APK
    • Deep Links Hacking
    • Drozer Cheat Sheet
    • SMALI
      • SMALI Cheat Sheet
      • Smali Code Patching Guide
    • Intent Redirection Vulnerability
    • Janus Vulnerability (CVE-2017-13156)
    • Task Hijacking
    • Hacking Labs
      • Injured Android
      • Hacking the VulnWebView Lab
      • Hacking InsecureBankv2 App
    • Frida Cheat Sheet
  • πŸ“ΆNetwork-Sec
    • Networking Fundamentals
    • Open Ports Security Testing
    • Vulnerability Scanning
    • Client Side Attacks
    • Port Redirection and Tunneling
    • Password Attacks
    • Privilege Escalation [PrevEsc]
      • Linux Privilege Escalation
    • Buffer Overflow (BOF)
      • VulnServer
      • Sync Breez Enterprize
      • Crashed CTF
      • BOF for Linux
    • AV Evasion
    • Post Exploitation
      • File Transfer
      • Maintaining Access
      • Pivoting
      • Clean Up
    • Active Directory
      • Basic AD Pentesting
  • πŸ’»Desktop AppSec
    • Thin Client vs. Thick Client
  • ☁️Cloud Sec
    • Salesforce Hacking
      • Basics
      • Salesforce SAAS Apps Hacking
    • Firebase
    • S3 Buckets Misconfigurations
    • Amazon Cognito Misconfiguraitons
  • πŸ‘¨β€πŸ’»Programming
    • HTML
    • JavaScript (JS)
      • window.location object
    • Python
      • Python Tips
      • Set
        • SetMethods
    • JAVA
      • Java Essentials
      • Java Essentials Code Notes
      • Java OOP1
      • JAVA OOP Principles
        • Inheritance
        • Method Overriding
        • Abstract Class
        • Interface
        • polymorphism
        • Encapsulation
        • Composition
      • Java OOP Challenges
      • Exception Handling
    • Go
      • Go Syntax Tutorial in one file
      • Methods and Interfaces
      • Go Slices
      • Go Maps
      • Go Functions
      • Concurrency
      • Read Files
      • Write Files
      • Package
        • How to make personal Package
        • regexp Packages
        • Json
        • bufio
        • Time
      • Signals-Exit
      • Unit Testing
  • πŸ–₯️Operating Systems
    • Linux
      • Linux Commands
      • Tools
      • Linux File System
      • Bash Scripting guide
      • tmux
      • Git
      • Install Go tools from private repositories using GitHub PAT
    • VPS
    • Burp Suite
  • ✍️Write-Ups
    • Hunting Methodology
    • API BAC leads to PII Data Disclosure
    • Misconfigured OATUH leads to Pre-Account Takeover
    • Automating Bug Bounty with GitHub Actions
    • From Recon to Reward: My Bug Bounty Methodology when Hunting on Public Bug Bounty Programs
    • Exploring Subdomains: From Enumeration to Takeover Victory
    • 0-Click Account Takeover via Insecure Password Reset Feature
    • How a Simple Click Can Lead to Account Takeover: An OAuth Insecure Implementation Vulnerability
    • The Power Of IDOR even if it is unpredictable IDs
    • Unlocking the Weak Spot: Exploiting Insecure Password Reset Tokens
    • AI Under Siege: Discovering and Exploiting Vulnerabilities
    • Inside the Classroom: How We Hacked Our Way Past Authorization on a Leading EdTech Platform
    • How We Secured Our Client’s Platform Against Interaction-Free Account Thefts
    • Unchecked Privileges: The Hidden Risk of Role Escalation in Collaborative Platforms
    • Decoding Server Behavior: The Key to Mass Account Takeover
    • Exploiting JSON-Based CSRF: The Hidden Threat in Profile Management
    • How We Turned a Medium XSS into a High Bounty by Bypassing HttpOnly Cookie
  • IOS-AppSec
Powered by GitBook
On this page

Was this helpful?

Edit on GitHub
  1. Programming

Python

1. Print Statement

print("Hello, World!")

2. Variables and Data Types

age = 25
name = "John"
is_student = True

3. String Formatting

greeting = f"Hello, {name}! You are {age} years old."

4. Lists and Indexing

my_list = [1, 2, 3, "four", 5.0]
first_item = my_list[0]

5. Dictionaries

my_dict = {"key": "value", "name": "Alice"}
value = my_dict["key"]

6. Conditional Statements

if age > 18:
    print("You are an adult.")
elif age == 18:
    print("You just became an adult.")
else:
    print("You are a minor.")

7. Loops - For and While

for i in range(5):
    print(i)

counter = 0
while counter < 5:
    print(counter)
    counter += 1

8. Functions

def greet(person):
    return f"Hello, {person}!"

result = greet("Bob")

9. List Comprehensions

squared_numbers = [x**2 for x in range(5)]

10. Exception Handling

try:
    result = 10 / 0
except ZeroDivisionError:
    result = "Cannot divide by zero."

11. Classes and Objects

class Dog:
    def __init__(self, name):
        self.name = name

my_dog = Dog("Buddy")

12. File Handling

with open("file.txt", "r") as file:
    content = file.read()

13. Modules and Libraries

import math
sqrt_result = math.sqrt(25)

14. Lambda Functions

multiply = lambda x, y: x * y
product = multiply(3, 4)

15. Working with JSON

import json

data = '{"name": "John", "age": 25}'
user_info = json.loads(data)

16. Modules and Libraries

import random
random_number = random.randint(1, 10)

17. Working with Files

with open("new_file.txt", "w") as new_file:
    new_file.write("This is a new file.")

18. Exception Handling (try, except, else, finally)

try:
    result = 10 / 2
except ZeroDivisionError:
    result = "Cannot divide by zero."
else:
    print(f"Result: {result}")
finally:
    print("Execution complete.")

19. Classes and Inheritance

class Animal:
    def speak(self):
        return "Some generic sound."

class Dog(Animal):
    def speak(self):
        return "Woof!"

my_animal = Animal()
my_dog = Dog()

animal_sound = my_animal.speak()
dog_sound = my_dog.speak()

20. List Manipulation

numbers = [1, 2, 3, 4, 5]
numbers.append(6)
numbers.pop(2)

21. Sets

my_set = {1, 2, 3, 4, 5}
my_set.add(6)

22. Tuples

coordinates = (3, 4)
x, y = coordinates

23. Working with Dates and Times

from datetime import datetime

current_time = datetime.now()
formatted_time = current_time.strftime("%Y-%m-%d %H:%M:%S")

24. List Sorting

numbers = [4, 2, 7, 1, 9]
sorted_numbers = sorted(numbers)

25. Map, Filter, and Reduce

numbers = [1, 2, 3, 4, 5]
squared_numbers = list(map(lambda x: x**2, numbers))
even_numbers = list(filter(lambda x: x % 2 == 0, numbers))
sum_of_numbers = functools.reduce(lambda x, y: x + y, numbers)

26. Virtual Environments

# Create virtual environment
python -m venv myenv

# Activate virtual environment
source myenv/bin/activate  # On Linux/Mac
myenv\Scripts\activate      # On Windows

# Deactivate virtual environment
deactivate

27. Working with APIs

import requests
response = requests.get("https://jsonplaceholder.typicode.com/todos/1")
data = response.json()

28. Regular Expressions

import re
pattern = re.compile(r'\b(\w+)\b')
matches = pattern.findall("This is a sample sentence.")

29. Lambda Functions

square = lambda x: x**2
result = square(5)

30. List Comprehensions

squares = [x**2 for x in range(5)]

31. Dictionary Manipulation

my_dict = {'a': 1, 'b': 2, 'c': 3}
my_dict['d'] = 4
del my_dict['b']

32. JSON Manipulation

import json

# Convert Python object to JSON string
json_data = json.dumps({'name': 'John', 'age': 30})

# Convert JSON string to Python object
python_object = json.loads('{"name": "John", "age": 30}')

33. Context Managers

with open('file.txt', 'r') as file:
    content = file.read()
# File is automatically closed outside the block

34. Decorators

def my_decorator(func):
    def wrapper():
        print("Something is happening before the function is called.")
        func()
        print("Something is happening after the function is called.")
    return wrapper

@my_decorator
def say_hello():
    print("Hello!")

say_hello()

35. Asyncio (Asynchronous Programming)

import asyncio

async def my_coroutine():
    print("Coroutine started.")
    await asyncio.sleep(1)
    print("Coroutine completed.")

# Run the coroutine
asyncio.run(my_coroutine())

36. Web Scraping with BeautifulSoup

from bs4 import BeautifulSoup
import requests

url = "https://example.com"
response = requests.get(url)
soup = BeautifulSoup(response.text, 'html.parser')

37. Machine Learning with Scikit-Learn

from sklearn.model_selection import train_test_split
from sklearn.linear_model import LinearRegression

# Assuming X and y are your features and target variable
X_train, X_test, y_train, y_test = train_test_split(X, y, test_size=0.2)
model = LinearRegression()
model.fit(X_train, y_train)

38. Django Web Framework

# Install Django
pip install Django

# Create a new Django project
django-admin startproject myproject

# Run the development server
python manage.py runserver

39. Flask Web Framework

from flask import Flask

app = Flask(__name__)

@app.route('/')
def hello_world():
    return 'Hello, World!'

40. Creating a Simple REST API with Flask-RESTful

from flask import Flask
from flask_restful import Resource, Api

app = Flask(__name__)
api = Api(app)

class HelloWorld(Resource):
    def get(self):
        return {'hello': 'world'}

api.add_resource(HelloWorld, '/')
Previouswindow.location objectNextPython Tips

Last updated 1 year ago

Was this helpful?

πŸ‘¨β€πŸ’»