You can automate publishing a post on WordPress using Python by using the WordPress REST API. Here is a basic outline of how you could accomplish this: Replace ‘http://your-site-url’, ‘your-username’, and ‘your-application-password’ with your WordPress site URL, your WordPress username, and the application password you generated. β‘ Warning: Basic Auth sends the username and password … Read more
You have created a Django website or blog, and have made it open for users to register an account, log in and benefit from the services you offer. Your utmost concern is security. You want to make sure that your website is free from spam. Also, you want to ensure you are dealing with humans, … Read more
I recently stumbled on a great solution pattern that can be used to fight prompt injection on Simon Willison’s Weblog: The DualLLM pattern. What Is Prompt Injection Anyways? π‘ Prompt injection attacks are similar to code injection attacks, where harmful code is added through a system’s input. The main difference is that, in AI, the … Read more
Today I gave a service consultant access to one of my AWS servers. I have a few files on the server that I was reluctant to share with the service consultant because these files contain sensitive personal data. Python is my default way to solve these types of problems. Naturally, I wondered how to encrypt … Read more
KISS – Keep It Secure, Stupid! Since the beginning of days, Man, Woman, Beast, and even Plants, have shared one thing in common. The need and desire to salvage items around them to use as food, pleasure, and necessity. And with that came a need to secure these items for safe use in the future. … Read more
Problem Formulation and Solution Overview This article will show you how to generate password hashes in Python. To make it more interesting, we have the following running scenario: When new users join the Finxter Academy, they are asked for a password. How can we keep this data secure? To secure these passwords, we must convert … Read more
Do you have written a decentralized app (dApp) and you want to check it for potential exploits and hacks? Do you need to prepare your dApp for a security audit and vulnerability analysis? Don’t worry, we have your back! π‘οΈ In this article based on the smart contract security course by Finxter Creator Yogesh, we’ll … Read more
Hackers have a wide variety of specific skills that are super valuable in a “white hat” environment. If you’re interested in leaving the “dark side” or you simply want to reduce your risk profile as a hacker—these could be some interesting career paths you could pursue easily without needing to learn a whole new stack … Read more
This is part 8 and a continuation of the Smart Contract Security Series. Ownership Exploit Private Variable Exploit Reentrancy Attack tx.origin Phishing Attack Denial of Service Attack Storage Collision Attack Randomness Attack Replay Attack This post provides insights into the replay attack in blockchains. As per the wiki, a replay attack is a valid data … Read more
This is part 7 and a continuation of the Smart Contract Security Series. Ownership Exploit Private Variable Exploit Reentrancy Attack tx.origin Phishing Attack Denial of Service Attack Storage Collision Attack Randomness Attack Replay Attack In this tutorial, the randomness attack or also called replicated logic attack is analyzed. The problem in Solidity contracts is finding … Read more
What is a Transposition Algorithm? A substitution algorithm, such as previously mentioned Caesar’s algorithm, works by substituting each symbol of the plaintext message with another symbol, according to a predetermined offset defined by a key. In contrast, a transposition algorithm shifts, or changes the positions of its symbols by following a specific, predetermined key. Since … Read more
What is Fuzzing? Fuzz testing (or fuzzing) is an automated software testing method with the goal to find vulnerabilities, security issues, and defects of the application. The idea is to inject invalid, malformed, or unexpected inputs into the application using a fuzzing tool and observing how the system reacts to those inputs (e.g., exceptions, leakage … Read more