The Experts below are selected from a list of 12 Experts worldwide ranked by ideXlab platform
Victor Ashiedu - One of the best experts on this subject based on the ideXlab platform.
-
Powershell Tutorial Volume 1: 7 Practical Tutorials That Will Get You Scripting In No Time - Powershell Scripting, Powershell In Depth, Powershell Cookbook, Windows Powershell
2015Co-Authors: Victor AshieduAbstract:"PowerShell Tutorial Volume 1" teaches you Windows PowerShell - takes your PowerShell skills from zero to Pro level. Fully hands-on with step-by-step labs! Why You Should Read PowerShell Tutorial Volume 1 This volume has 7 tutorials. At the end of each tutorial, you would have learnt an essential PowerShell concept. Each Tutorial also contains a step by step lab so you can practice as you learn. Each PowerShell tutorial is independent but builds on the knowledge of the previous tutorial. What is in PowerShell Tutorial Volume 1?POWERSHELL TUTORIAL 1: Introduction to PowerShell and Cmdlets:Tutorial 1 Introduces PowerShell and PowerShell cmdlets. It then teaches you how to find cmdlets using the Get-Command cmdlet.Tutorial 1 also discusses cmdlet parameters and Aliases.POWERSHELL TUTORIAL 2: Getting help with the Get-Help cmdlet:Tutorial 2 focuses on the Get-Help Command. It teaches you how to use the Get-Help command to get information about cmdlets. Tutorial 2 also covers how to understand cmdlet syntaxes from the results of the Get-Help command. POWERSHELL TUTORIAL 3: Variables and Pipelines:Tutorial 3 introduces you to PowerShell variables, one of the most important concepts in PowerShell scripting. It covers different types of variables and how you can use them in scripting. Tutorial 3 also covers PowerShell Pipelines and how to use them.POWERSHELL TUTORIAL 4: Introduction to Scripts and Functions:Tutorial 4 Introduces you to Scripts, Functions and Modules. It teaches you how to write Scripts, Functions and Modules. It also teaches you the difference between them. Tutorial 4 also covers PowerShell File Extensions; the default location for PowerShell modules and how you install PowerShell modules. POWERSHELL TUTORIAL 5: Commenting and Breaking scripts:Tutorial 5 teaches you How to add Comments to your Script; it shows you how to break (stop executing) scripts using the 'Break' statement. Tutorial 5 also teaches you how and why you should use the 'Escape' (Backtick) Character in PowerShell scripting. It also shows you how to use this very important character in PowerShell scripting.POWERSHELL TUTORIAL 6: PowerShell Operators:Tutorial 6 teaches you PowerShell Operators. Understanding PowerShell Operators is very important to your scripting career. Tutorial 6 teaches you about Comparison, Arithmetic, Logical, Split, Join, Redirection and Assignment Operators. Tutorial 6 also teaches you detailed application of the listed operators with examples.POWERSHELL TUTORIAL 7: Introduction to Object Properties:Tutorial 7 (the last in Volume 1) introduces you to Object Properties, another very important concept! This tutorial teaches you how to access PowerShell object properties using variables. Tutorial 7 also teaches you about Objects 'MemberTypes' and their applications in scripting. Finally, Tutorial 7 explores the Get-Member Cmdlet in detail and shows you how to manipulate object properties using this powerful cmdlet. Connect with PowerShell Tutorial Book SeriesTwitter.com/PowerShellDIYfacebook.com/PowerShellTutorialBook Get your copy of "PowerShell Tutorial Volume 1" at this discounted priceTags: Powershell Scripting,Powershell In Depth, Powershell Cookbook, Windows Powershell, Windows PowerShell 4.0, windows PowerShell for developers, windows PowerShell in action, Powershell 5, Powershell 5.0, PowerShell For Beginners, PowerShell step by step
Joannah Nanjekye - One of the best experts on this subject based on the ideXlab platform.
-
Printing and Backtick repr
Python 2 and 3 Compatibility, 2017Co-Authors: Joannah NanjekyeAbstract:This chapter discusses the polarities of these features between the Python versions and the techniques to achieve their compatibility.
Edward Yang - One of the best experts on this subject based on the ideXlab platform.
-
ACM Conference on Computer and Communications Security - mXSS attacks: attacking well-secured web-applications by using innerHTML mutations
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security - CCS '13, 2013Co-Authors: Mario Heiderich, Jörg Schwenk, Tilman Frosch, Jonas Magazinius, Edward YangAbstract:Back in 2007, Hasegawa discovered a novel Cross-Site Scripting (XSS) vector based on the mistreatment of the Backtick character in a single browser implementation. This initially looked like an implementation error that could easily be fixed. Instead, as this paper shows, it was the first example of a new class of XSS vectors, the class of mutation-based XSS (mXSS) vectors, which may occur in innerHTML and related properties. mXSS affects all three major browser families: IE, Firefox, and Chrome. We were able to place stored mXSS vectors in high-profile applications like Yahoo! Mail, Rediff Mail, OpenExchange, Zimbra, Roundcube, and several commercial products. mXSS vectors bypassed widely deployed server-side XSS protection techniques (like HTML Purifier, kses, htmlLawed, Blueprint and Google Caja), client-side filters (XSS Auditor, IE XSS Filter), Web Application Firewall (WAF) systems, as well as Intrusion Detection and Intrusion Prevention Systems (IDS/IPS). We describe a scenario in which seemingly immune entities are being rendered prone to an attack based on the behavior of an involved party, in our case the browser. Moreover, it proves very difficult to mitigate these attacks: In browser implementations, mXSS is closely related to performance enhancements applied to the HTML code before rendering; in server side filters, strict filter rules would break many web applications since the mXSS vectors presented in this paper are harmless when sent to the browser. This paper introduces and discusses a set of seven different subclasses of mXSS attacks, among which only one was previously known. The work evaluates the attack surface, showcases examples of vulnerable high-profile applications, and provides a set of practicable and low-overhead solutions to defend against these kinds of attacks.
Mario Heiderich - One of the best experts on this subject based on the ideXlab platform.
-
ACM Conference on Computer and Communications Security - mXSS attacks: attacking well-secured web-applications by using innerHTML mutations
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security - CCS '13, 2013Co-Authors: Mario Heiderich, Jörg Schwenk, Tilman Frosch, Jonas Magazinius, Edward YangAbstract:Back in 2007, Hasegawa discovered a novel Cross-Site Scripting (XSS) vector based on the mistreatment of the Backtick character in a single browser implementation. This initially looked like an implementation error that could easily be fixed. Instead, as this paper shows, it was the first example of a new class of XSS vectors, the class of mutation-based XSS (mXSS) vectors, which may occur in innerHTML and related properties. mXSS affects all three major browser families: IE, Firefox, and Chrome. We were able to place stored mXSS vectors in high-profile applications like Yahoo! Mail, Rediff Mail, OpenExchange, Zimbra, Roundcube, and several commercial products. mXSS vectors bypassed widely deployed server-side XSS protection techniques (like HTML Purifier, kses, htmlLawed, Blueprint and Google Caja), client-side filters (XSS Auditor, IE XSS Filter), Web Application Firewall (WAF) systems, as well as Intrusion Detection and Intrusion Prevention Systems (IDS/IPS). We describe a scenario in which seemingly immune entities are being rendered prone to an attack based on the behavior of an involved party, in our case the browser. Moreover, it proves very difficult to mitigate these attacks: In browser implementations, mXSS is closely related to performance enhancements applied to the HTML code before rendering; in server side filters, strict filter rules would break many web applications since the mXSS vectors presented in this paper are harmless when sent to the browser. This paper introduces and discusses a set of seven different subclasses of mXSS attacks, among which only one was previously known. The work evaluates the attack surface, showcases examples of vulnerable high-profile applications, and provides a set of practicable and low-overhead solutions to defend against these kinds of attacks.
Jörg Schwenk - One of the best experts on this subject based on the ideXlab platform.
-
ACM Conference on Computer and Communications Security - mXSS attacks: attacking well-secured web-applications by using innerHTML mutations
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security - CCS '13, 2013Co-Authors: Mario Heiderich, Jörg Schwenk, Tilman Frosch, Jonas Magazinius, Edward YangAbstract:Back in 2007, Hasegawa discovered a novel Cross-Site Scripting (XSS) vector based on the mistreatment of the Backtick character in a single browser implementation. This initially looked like an implementation error that could easily be fixed. Instead, as this paper shows, it was the first example of a new class of XSS vectors, the class of mutation-based XSS (mXSS) vectors, which may occur in innerHTML and related properties. mXSS affects all three major browser families: IE, Firefox, and Chrome. We were able to place stored mXSS vectors in high-profile applications like Yahoo! Mail, Rediff Mail, OpenExchange, Zimbra, Roundcube, and several commercial products. mXSS vectors bypassed widely deployed server-side XSS protection techniques (like HTML Purifier, kses, htmlLawed, Blueprint and Google Caja), client-side filters (XSS Auditor, IE XSS Filter), Web Application Firewall (WAF) systems, as well as Intrusion Detection and Intrusion Prevention Systems (IDS/IPS). We describe a scenario in which seemingly immune entities are being rendered prone to an attack based on the behavior of an involved party, in our case the browser. Moreover, it proves very difficult to mitigate these attacks: In browser implementations, mXSS is closely related to performance enhancements applied to the HTML code before rendering; in server side filters, strict filter rules would break many web applications since the mXSS vectors presented in this paper are harmless when sent to the browser. This paper introduces and discusses a set of seven different subclasses of mXSS attacks, among which only one was previously known. The work evaluates the attack surface, showcases examples of vulnerable high-profile applications, and provides a set of practicable and low-overhead solutions to defend against these kinds of attacks.
