Intro Correctly configured AppLocker rules prevent the execution of untrusted executable files, scripts, and other potentially harmful content. However, it is essential to simplify the process of creating these rules by minimizing the overhead required to maintain them. And one of the popular way to do that is allowing execution of files signed by Microsoft and/or other well-known… Read More »
This is one of the posts related to the attack on Company X, and it discusses shellcode decryption. A popular technique to avoid AV detection is using simple XOR encryption. In our case, the attacker used encrypted shellcode, and to understand what code was executed by this shell, I needed to decrypt it first. I don’t remember all… Read More »
We are still working with great course – https://www.udemy.com/course/microservices-clean-architecture-ddd-saga-outbox-kafka-kubernetes/ of Ali Gelender and now our focus is on local environment configuration. Any developer needs to configure some env before publishing code to the non-prod / prod env and with course’s code we work with: We can start up virtual machines on a laptop, but virtualization has significant resource… Read More »
Intro DDD (Domain-Driven Design) is a fairly popular approach that, while facing some criticism, has benefits that are evident for complex projects. Reading theory is one thing, but diving into code implementation is entirely different – it provides hands-on experience and a deeper understanding. Practice is practice. We’ll start with the theory of DDD and refer back to… Read More »
Intro An anemic domain model happens when your domain model is mostly focused on storing data and has very little business logic or behavior. This can occur when the design of your database heavily influences how you structure your code. Instead of creating a model that reflects the actual business rules and logic, you end up with simple… Read More »
Intro One of the most challenging and confusing topics, especially for beginners in Keycloak, is Client Scopes. In this article, I will break down this topic, explaining what Client Scopes are used for, how they work, and what their advantages are. Let’s start! Our environment configuration is very simple. Typically, I work with containerized applications using Docker and… Read More »
It’s a popular question in interviews, and it seems that every interviewer has their own understanding of it. The most common answer is that you should write your class in a way that it is open for extension but closed for modification. Typically, this involves using polymorphism along with an abstract base class, allowing dynamic method invocation based… Read More »
This is an old note about timers in .NET that might be interesting to someone. I believe the same concept could be applied in other programming languages. As noted by Joe Albahari in his article about timers (http://www.albahari.com/threading/part3.aspx#_Timers), they provide a more effective way to manage memory and resources compared to an approach where we create a thread… Read More »
This is my old note related to VS 2005, so it might work out of the box in newer versions of Visual Studio. I haven’t checked, but I still believe this information could be helpful to someone, so it’s a pleasure to share it. The first time I encountered this error in my error handling mechanism (Nbug), I… Read More »
C++ has acquired capabilities related to inheritance throughout its rich history that are not available in high-level languages like C# or Java (although simplified design avoids issues like the diamond problem; however, the diamond problem can still occur with interfaces in Java. But our topic today is testing, not language design). These capabilities include multiple inheritance, public/protected/private inheritance… Read More »