Blog

Zap for IDOR Recap of IDOR: IDOR (Insecure Direct Object Reference) occurs when applications expose internal object identifiers (like user IDs or filenames) without proper authorization checks. This allows attackers to access or modify data belonging to other users simply by changing an identifier. Recently, while going through this TryHackMe challenge level: ➡️ IDOR – Santa’s Little IDOR …I decided to revisit how ZAP can be used not just to reveal IDOR issues, but also to automate their discovery. ...

Why do I use lazygit I use Lazygit in order to have a gui for my git folder management. It is usefull to see modifications commits ect. You can manage multiple aspect of yoiur git project: commits patch selection (selecting line to add to commits) branches history What is really cool? GitMoji Fiorstly you can use gitmoji, quite usefull on commits customCommands: - key: "<c-c>" context: "files" description: "commit files with format" prompts: - type: "menu" title: "What kind of commit type is it?" key: "Type" options: - name: ":ambulance:" description: "(fix) 🚑 Fatal bug fix" value: ":ambulance: fix:" - name: ":bug:" description: "(fix) 🐛 Bug fix" value: ":bug: fix:" - name: ":+1:" description: "(fix) 👍 Functional improvements and corrections" value: ":+1: fix:" - name: ":cop:" description: "(fix) 👮 Security related fixes" value: ":cop: fix:" - name: ":tada" description: "(feat) 🎉 Big feature addition" value: ":tada: feat:" - name: ":sparkles:" description: "(feat) ✨ Partial function addition" value: ":sparkles: feat:" - name: ":up:" description: "(feat) 🆙 Update of dependent packages, etc" value: ":up: feat:" - name: ":memo:" description: "(docs) 📝 Add or modify documents" value: ":memo: docs:" - name: ":bulb" description: "(docs) 💡 Adding or modifying comments to the source code" value: ":bulb: docs:" - name: ":art:" description: "(style) 🎨 Layout related fixes" value: ":art: style:" - name: ":lipstick:" description: "(style) 💄 Lint: Fix errors and code style" value: ":lipstick: style:" - name: ":recycle:" description: "(refactor) ♻️ Refactor" value: ":recycle: refactor:" - name: ":fire:" description: "(refactor) 🔥 Delete code or files" value: ":fire: refactor:" - name: ":green_heart:" description: "(test) 💚 Testing and CI fixes" value: ":green_heart: test:" - name: ":rocket:" description: "(perf) 🚀 Performance improvement" value: ":rocket: perf:" - name: ":wrench:" description: "(chore) 🔧 Modifying the configuration file" value: ":wrench: chore:" - name: ":building_construction:" description: "(chore) 🏗️ Architecture fixes" value: ":building_construction: chore:" - name: ":construction:" description: "(wip) 🚧 Working on" value: ":construction: wip:" - type: "input" title: "Enter the Message" key: "Message" initialValue: "" Custom commands Using Gitmoji with custom commands allows you to create a command that selects the desired Gitmoji and even the desired issue number. Here is an example: For this config I first select the correct gitmoji and then the issue. For that i have a bash command that get all my gitlab issues (based on glab) ...

First setup your vagrant file To begin, you’ll need to configure your Vagrantfile. You can refer to the official vagrant documentation First, install Vagrant and VirtualBox using the following commands: sudo apt install vagrant sudo apt install virtualbox Vagrant is a powerful tool that allows you to manage and run virtual machines (VMs) using your preferred virtualization software. It provides a consistent and efficient way to work with VMs, regardless of the underlying virtualization technology. ...