Catégories : Tous - security - database - testing - vulnerability

par Weiyan Lin Il y a 9 années

515

My knowledges & skills

The individual possesses a diverse set of skills and knowledge in areas such as networking, security, and databases. They have completed courses and tutorials from reputable sources like CodeAcademy and W3C School, gaining proficiency in HTML, CSS, SQL, and jQuery.

My knowledges & skills

My knowledges & skills

asdf

Methods to study

Skills
virtual simulation / use it!

linux

platform Vmware/virtual Box

centos

kali

penatration test with

metasploit

ubuntu

set up xampp/lamp

fedora

network

platform GNS

OSPF

Knowledge
understand
make a mind map to clear the relationship between different concepts

Programming

Language
java

finished open course from Cay Horstmann (writer of Core Java) from Udacity website

poly morphism

interface

super class

Class

example

vehicle(super class)

truck

car

suv(sub class)

moto

concepts

people send message----class

| |

| |

class method

Method belongs to class

each method i responsible of a single class

collecting ---arraylist

Interface

Poly Morphism

d.draw()

dog.draw() cat.draw() car.draw()

ArrayList draw=new ArrayList();

ArrayList<Drawable> draw=new ArrayList <Drawable>;

draw.add(new Dog());

draw.add(new House());

for(drawable d :draw)

{

d.draw();

}

no need : for(dog){dog.draw); for(house){house.draw}

public class Dog implents Drawable

{}

public interface Drawable{ void draw();} //no implement, auto public

static and final

final

final variable

final method

can not overriden

finial class

no change

no subclass

initial and never change

static

not belongs to a specific object belongs to a class

Instance method Pic1,translate() need instance

Static Method : Math.sqrt() no need instance

basic

int-> string xx=""+int_number string-> int Double.parsedouble("3.14")

Scanner in =new Scanner(System.in); int age = in.nextInt

Array,ArrayList

arraylist

add(0,pic)

remove(2)

size()

set(2,obj)

loop

for (int i=0;i<ArrayList.size()/*array.length*/ ;i++)

{}

enhanced loop

for (objectclass obj : obj_arraylist)

{}

declaration

ArrayList values=new ArrayList();

double [] values =new double[10] / double[] values={1,2,3,4,5};

String

charAt

eclipse

mathlab

OFDM Simulation

teted in AWGN and Rayleigh fading

test in two modulation methods

Designed transmitter, channel and receiver for a give number of active subcarrier, channel bandwidth

python

GSM Simulation based on numpy and Hata model,Rayleigh fading, plot results with matplotlib in figures

use Matasploit.pyplot lib to plot the results of simulation in figures

Okumura Hata model,shadowing(log-nomal with location variability),fading(Rayleigh fading)

Use Numpy to perform mathmatical operations about the wireless channel's path loss

Analysis wireless Model to improve the GOS from 20% to 2%

Find out the Number of MSs of the system which could provide 20% Grade of service

Calculate the probability of blocked calls and dropped calls

Only focus on downlink transmission, BSs as transmitter and MSs are the receivers

One basic website project based on book "head first"

One basic Android app project based on book "head first"

C

void qsort(int v[], int left, int right)

{

int i, last;

void swap(int v[],int i, int j)

if (left>=right)

return;

last=left,

swap(v , left, (left+right)/2);

for (i=0;i<right;i++)

{

if (v[i]<v[left])

{ swap( v, last,i);

}

}

swap(v[], left,last)

qsort(v[],left,last)

qsort(v[],last,right)

}

pointers

pointers to pointers

lineptr is itself the name oa an array, it can be treated as a pointer

#include <stdio.h>

#include <string.h>

#define MAXLINES 5000l

char *lineptr[MAXLINES];

int readlines(char *lineptr[], int nlines);

int writelines(char *lineptr[],int nlines);

void qsort(char *lineptr[], int left,int right)

main()

{

int nlines;

if ((nlines=readlines(lineptr, MAXLINES) >=0)

{

qsort(lineptr,0,nlines-1);

writelines(lineptr,nlines);

return 0;

}

else

{

printf("error")

return 1;

}

}

}

readlines

#define MAXLEN 1000

int getline(char *s, int);

/* readlin read input lines*/

int readlines(char *lineptr[]; int maxlines)

{

int len,nlines;

char *p,line[MAXLEN];

nlines=0;

while( (len=getline(line,MAXLEN) > =0)

{

if ( nlines> MAXLINES || (p=alloc(len))== NULL)

{

return -1;

}

else

{

line[len-1]='\0'; /* all \0*/

strcpy(p,line);

lineptr[nlines++]=p;

}

return nlines;

}

getlines

/* input s[], return the length of s*/

int getline(char s[],int lim)

{

int i,v;

for (i=0; (c=getchar())!=EOF&& i<lim-1& c!='"\0";++i)

{

s[i]=c;

}

if (c == "\n")

{

s[i]=c;

++i;

}

s[i]="\0";

return i;

return i

}

writelines

/* writelines */

void writelines(char *lineptr[], int nlines)

{

while ( nlines-- >0)

{

printf(" %s\n",*linesptr++);

}

}

lineptr is an array of MAXLINES elements, each element of which is a pointer to a char. That is , lineptr[i] is a character pointer, and *lineptr[i] is the character it points to , the first character of the i-th saved text line.

char *lineptr[MAXLINES]

character pointers and functions

void strcpy(char *s, char *t)

{

int i;

while( (s[i]=t[i]) != "\0")

{

i++;

}

}

/* version 2*/

void strcpy( char *s, char *t)

{

while ( (*s=*t)!="\0")

{

s++;

t++;

}

}

/* version 3 */

void strcpy(char *s, char *t)

{

while ( (*s++=*t++))

;

}

int strcmp(char *s,char *t)

{

for (;*s==*t;s++,t++)

{

if (*s=="\0")

{ return 0;}

}

return *s-*t;

}

char amessage[]="now is the time"; char *amessage="now is the time";

pointer arithmetic

char ,float,int,long

pointer arithmetic is constent , dealing with floats, p++ would advance to the next float.

size_t of strlen, size_t is the unsigned integer type return by sizeof

point to next free element

allocp

large character array

allocbuf

two routine

afree

static char *allocp=allocbuf;

void afree (char *p) /*free storge pointed to by p */

{

if (p>=allocbuf && p<=allocbuf + ALLOCSIZE)

{

allocp=p;

}

}

int strlen(char *s)

{

char *p=s;

while(p!='\0')

{

p=p+1;

}

return p-s;

}

alloc

#define ALLOCSIZE 10000

static char allocbuf[ALLOCSIZE];

static char *allocp=allocbuf;

char *alloc(int n) /* return pointer to n characters*/

{

if (allocbuf + ALLOCSIZE -allocp-n >=0)

{

allocp=allocp+n;

return allocp-n;

}

else

{

return 0;

}

}

pointers and arrays

int a[10];

int *pa;

pa = &a[0];

x= *pa;

*(pa+1) a[1]

as formal parameters in a function definition: char a[] equivalent to char *a;

when an aray name is passed t a function, what is passed is the location of the initial element. int strlen(char *s) { int n; for (n=0;*s!="\0";s++) { n++; } return n; }

poniters is a variable, array is not

pa=&a[0]; pa=a; equal!

there is a strong relationship between pointers and arrays, strong enough that pointers and arrays should be discussed simultaneously.

poniters and function argument

void swap(*p,*q) { int temp; temp=*p; *p=*q; *q=tmp; }

swap(&a,&b)

pointers and address

int x=1,y=2,z[10];

int *ip; /* ip as a pointer*/

ip = &x; /* ip is now point to x*/

y=*ip; /* y=1 now */

*ip=0; /*x=0 now*/

unary operator & gives the address of an object: p=&c

pointers is a group of cells that can hold an address

Network programming TCP/IP

vim,gcc,gdb

Algorithm
priorityQueue

unordered array :insert 1;del Max N,Max N ordered array:insert N;del Max 1;Max 1 goal: insert logN;del Max logN; Max 1

remove the largest or smallest one

applications

find the Largest M items in a stream of N items constraints: not enough memory for N items

time:NlogM space :M

elementary

time :MN space:N

sort

time: NlogN space N

Graph search

Dijikstra's Algorithm

event driven simulation

customers in line

system sort

guarantee faster in practice

Merge Sort

nlogn

implement

public class merge

{

private static void merge(Comparable[] a, Comparable[] b, int lo, int hi)

{

for(int i=lo;i<hi;i++)

{

b[i]=a[i];

}

int mid=(lo+hi)/2;

int j=mid;

for(int k=lo;k<hi;k++)

{

if(i>mid) a[k]=b[j++];

else if(j>hi) a[k]=b[i++];

else if(b[i]>b[j]) a[k]=b[j++];

else if(b[i]<b[j]) a[k]=b[i++];

}

}

private static void sort(Comparable[] a, Comparable[] b,int lo,int hi)

{

if(hi<lo) return;

int mid=(lo+hi)/2;

sort(a,b,lo,mid);

sort(a,b,mid+1,hi);

merge(a,b,lo,hi);

}

public static void sort(Comparable[] a)

{

aux=new Comparable[a.length];

sort(a,aux,0,a.length-1);

}

}

stable

elementary Sorts

shuffling sort

generate r (0,i) and swap (r ,i),i++

n

generate random for each one and use them as their key to sort

nlogn or n^2

shell sort

speciall insertion sort

insertion sort

alway sort a[j]anda[j-1] and swap

selection sort

alway find min the rest and ,input min into sorted part

stacks and Queus

stack applications

arithmetic expression evaluation

(1+((2+3)*(4*5)))==123+445**+ operator occurs after two values

right parenthesis:ignore left parenthesis:pop operator and two values; then push the result of applying that operator

operator stack

value stack

compiler implements a function

pop return address and local environment

push local environment and return address

back button

undo in a word processor

iterators

public class Stack<Item> implements Iterable<Item>

{

public Iterator<Item> iterator()

{ return new ReverseArrayIterator() }

private Iterator<Item> iterator implements Iterator<Item>

{

private Node current = first;

public boolean hasNext() {return current!=null;}

public Item next()

{

Item item=current.item;

current=current.next;

return item;

}

}

}

}

what is an Iterable

generic

public class stack private Item[]s; s=(Item[])new Object[size];

public class stack public void push(Item item) public Item pop Item item=first.item;

we also want StackOfURL,stackOfInts,StackOfVans....

Queue implementation

public class LinkedQueueOfString

{

private Node first,last;

private class Node

{

String data;

Node next;

}

public boolean isEmpty();

{

return first==last;

}

public void Enqueue(String newString)

{

Node oldlast=last;

last=new Node();

last.data=newString;

last.next=null;

if (isEmpty()) first=last;

else oldlast.next=last;

}

public String dequeue()

{

String item=first.item;

first=first.next;

if (isEmpty()) last=null;

return item;

}

}

stacks implementaion

//implement stack in linkedlist

public class LinkedStackOfStrings

{

private Node first=null;

private class Node

{

String item;

Node next;

}

public boolean isEmpty()

{

return first==null;

}

public void push(String news)

{

Node oldfirst=first;

first=new Node();

first.item=news;

first.next=oldfirst;

}

public String pop()

{

String pop=first.item;

first=first.next;

return item;

}

}

//implement stack in array

public class LinkedStackOfStrings

{

private int N=0;

private String[] s;

public setsize(int size);

{

s=new String(size);

}

public void push ( String item)

{

if (N==s.length) resize(s.length*2);

S[N]=item;

N=N+1;

}

public String pop()

{

N=N-1;

String re=s[N];

s[N]=null;

if (N<s.length/4) resize(s.length/2);

return re;

}

public boolean isEmpty()

{

return N==0;

}

public void resize(int size)

{

String n=new String(size);

for(int i=0;i<N;i++)

{

n[i]=s[i];

}

s=n;

}

}

Resizing -array

every operation takes constant amrtized time

less wasted space

linked-list

extra time and space to deal with the links

everyopertions take constant time in the worst case

stack lifo;Queue fifo

operations

test if empty

iterate

Analysis

knowledge

method

mathematical analysis

explain behavior

empirical analysis

make predictions

java usage

char[] array

2N + 24

padding

ech object uses a multiple of 8 bytes

4 bytes

reference

8 bytes

object overhead

16bytes

type

best case

average case

worst case

common notation

Tilde-notation

Big O

running time

exponetial

cubic

quardratic

linearithmic

O(nlogn)

linear

O(n)

logarithmic

O(logn)

constant

O(1)

interview question

drop egg

Egg drop.

Version 0: 1 egg, =T tosses.

-------> from 1 , one floor and the other

Version 1: ~1lgN eggs and ~1lgN tosses.

-------> from N/2 floor--->[0,N/2]or [N/2,0]--->.....

Version 2: ~lgT eggs and ~2lgT tosses.

-------> for 1 floor to drop , and than 2*Floor ------> 1, 2, 4, 8,.....T

times< logT, eggs <lgT

Version 3: 2 eggs and ~2sqrt(N) tosses.

-------> from 0 floor to sqrt(N), then sqrt(N) to 2sqrt(N),finally find a*sqrt(N),(a+a)*sqrt(N)

sqrt(N)

Version 4: 2 eggs and =cTsqrt(v) tosses for some fixed constant c.

-------> from 0 to c then

Search in a bitonic array

import java.util.Arrays;

public class fastthreeSum

{

public static int peak(int []a)

{

int N=a.length;

for(int i=1;i<N;i++)

{

if(a[i-1]<a[i]&&a[i]<a[i+1])

{

return i;

}

}

}

public static int search(int [] a,int x)

{

int N=a.length;

int mid=peak(a);

int []m=new int[mid];

int []n=new int[N-mid];

for(int i=0;i<mid;i++)

{

m[i]=a[i];

}

for(int i=0;i<N-mid;i++)

{

n[i]=a[i+mid];

}

int q=Arrays.binarySearch(m,x);

int p=Arrays.binarySearch(n,x);

return p&q;

}

}

3-SUM in quadratic time.

public class fastthreeSum

{

public static boolean test (int[] a)

{

int N=a.length;

for(int i=0;i<N;i++)

{

if (a[i]==a[i-1])

{

return true;

}

}

return false;

}

public static void printall(int[] a)

{

int N=a.length;

Array.sort(a);

if(test(a)) throw new IllegalArgumentException("array has duplicate");

for (int i=0;i<N;i++)

{

for (int j=i;j<N;j++)

{

int k=Arrays.binarySearch(a, -(a[i]+a[j]));

System.out.println(a[k]+" "+a[i]+" "+a[j]);

}

}

}

}

Data Structure
Graph

DFS

BFS

graph class

class Graph:

def __init__(self):

self.vertList = {}

self.numVertices = 0

def addVertex(self,key):

self.numVertices = self.numVertices + 1

newVertex = Vertex(key)

self.vertList[key] = newVertex

return newVertex

def getVertex(self,n):

if n in self.vertList:

return self.vertList[n]

else:

return None

def __contains__(self,n):

return n in self.vertList

def addEdge(self,f,t,cost=0):

if f not in self.vertList:

nv = self.addVertex(f)

if t not in self.vertList:

nv = self.addVertex(t)

self.vertList[f].addNeighbor(self.vertList[t], cost)

def getVertices(self):

return self.vertList.keys()

def __iter__(self):

return iter(self.vertList.values())

__iter__(self)

iter(self.vertList.values())

def getVertices(self)

self.vertList.keys()

addEdge(f,t,cost)

self.vertList[f].addNeighbor(self.verteList[t],cost)

add t

add f

get Vertex(self,n)

return None

if n in self.vertexList: return self.vertexList[n]

add Vertex(self,key)

return newVertex

self.vertList[key]=newVertex

newVertex=Vertex(key)

numVertices++

Init

numVertices

vertList

vertex class

class Vertex:

def __init__(self,key):

self.id = key

self.connectedTo = {}

def addNeighbor(self,nbr,weight=0):

self.connectedTo[nbr] = weight

def __str__(self):

return str(self.id) + ' connectedTo: ' + str([x.id for x in self.connectedTo])

def getConnections(self):

return self.connectedTo.keys()

def getId(self):

return self.id

def getWeight(self,nbr):

return self.connectedTo[nbr]

get weight

return self.getconnected[nbr]

get Id

return self.id

get connections

self.connectedTo.keys()

addNeighbor

self.connectedTo[nbr]=weight

self.connectedTo={}

self.id=key

Tree

binary search Tree

binary heap

class BinHeap:

def __init__(self):

self.heapList=[0]

self.currentSize=0

def insert(self,k):

self.heapList.append(k)

self.currentSize=self.currentSize+1

self.percUp(self.currentSize)

def percUp(self,i):

while i//2 > 0:

if self.heapList[i] < self.heapList[i//2]:

tmp=self.heapList[i//2]

self.heapList[i//2]=self.heapList[i]

self.heapList[i]=tmp

i=i//2

def minChild(self,i):

if i*2+1 > self.currentSize:

return i*2

else:

if self.heapList[i*2]<self.heapList[i*2+1]:

return i*2

else:

return i*2+1

def perDown(self,i):

while(i*2) <= self.currentSize:

mc=self.minChild(i)

if self.heapList[i]>self.heapList[mc]:

tmp=self.heapList[i]

self.heapList[i]=self.heapList[mc]

self.heapList[mc]=tmp

i=mc

def delMin(self):

retval=self.heapList[1]

self.heapList[1]=self.heaplist[self.currentSize]

self.currentSize=self.currentSize-1

self.heapList.pop()

self.percDown(1)

return retval

def buildHeap(self,alist):

i=len(alist)//2

self.currentSize=len(alist)

self.heapList=[0]+alist[:]

while (i>0):

self.perDown(i)

i=i-1

currentSize

heapList

delMin

return

perDown(1)

heapList.pop()

currentSize--

self.heapList[1]=self.heapList[currentSize]

retval=self.HeapList[1]

perDown

if heapList[i]>heapList[mc],swap

mc=minChild(i)

while i*2

minChild

getthe min heapList[i] of i between i*2 and i*2+1

percUp

i=i//2 until i=0

heapList[i//2]> heapList[i] swap

i//2

currentSize++

perup(currentSize)

heapappend

Subtopic

binary tree

class BinaryTree:

def __init__(self,rootobj):

self.key=rootobj

self.leftchild=None

self.rightchild=None

def insertleft(self,newNode):

if self.leftchild==None:

self.leftchild=BinaryTree(newNode)

else:

t=BinaryTree(newNode)

t.leftchild=self.leftChild

self.leftChild=t

def insertright(self,newNode):

if self.rightChild==None:

self.right=BinaryTree(newNode)

else:

t=BinaryTree(newNode)

t.rightChild=self.rightChild

self.rightChild=t

def getRightChild(self):

return self.rightChild

def getLeftChild(self):

return self.leftChild

def setRootVal(self,obj):

return self.key=obj

def getRootVal(self):

return self.key

insert rightChild,get rightChild

insert leftChild,get leftChild

setRootVal,getRootVal

_init_(obj)

self.leftChild=None

self.rightChiled=None

self.key=obj

Sorting

quick sort

def quick(list):

if list=[]

return []

else:

pilot=list[0]

lesser=quick([x for x in list if x<pilot])

greater=quick([x for x in list if x>pilot])

return lesser+pilot+greater

merge sort

def merge(list):

middle=len(list)/2

left=merge(list[:middle])

right=merge(list[middle:])

return mergesort(left,right)

def mergesort(left,right):

i,j=0,0

result=[]

while i<len(left) and j<len(right):

if left[i]<right[j]:

result.append(left[i])

i=i+1

else

result.append(right[j])

j=j+1

result+=left[i:]

result+=right[j:]

return result

Recursion
Basic

List

Queues

class Queue:

def __init__(self):

self.items=[]

def isEmpty(self):

return self.items==[]

def enqueue(self,item):

self.items.insert(0,item)

def size(self):

return len(self.items)

dequeue

pop()

enqueue

insert(0,item)

Stacks

class Stack:

def __init__(self):

self.items=[]

def isEmpty(self):

return self.items==[]

def push(self,item):

self.items.append(item)

def pop(self,item):

self.items.pop()

def size(self):

return len(self.items)

push

append

implementing list

list class

class List:

def __init__(self):

self.head=None

def isEmpty(self):

return self.head==None

def add(self,item):

temp=Node(item)

temp.setNext(self.head)

self.head=temp

def size(self):

current=self.head

count =0

while current != None:

count=count+1

current=current.getNext()

return count

def search(self,item):

current=self.head

found=False

while current != None and not found:

if current.getData() == item:

found=True

else:

current=current.getNext()

return found

def remove(self,item):

current=self.head

previous=None

found=False

while current != None and not found:

if current.getdata == item:

found=True

else:

previous=current

current=current.getNext()

if previous == None:

self.head==current.getNext()

else:

previous.setNext(current.setNext())

def append(self,item):

current=self.head

append=Node(item)

while current.getNext() != None:

current=current.getNext()

current.setNext(append)

def index(self,item):

current=self.head

found=False

count=0

while not found:

if current.getdata == item:

found=True

return count

else:

current=current.getNext()

count=count+1

return False

def insert(self,pos,item):

current=self.head

count=0

previous=None

while count<pos:

previous=current.getNext()

count=count+1

newitem=Node(item)

newitem.setNext(previous.getNext())

previous.setNext(newitem)

def pop(self):

current=self.head

found = False

previous=None

while current.getNext != None:

previous=current

current=current.getNext()

previous.setNext(None)

return current.getData()

def pop(self,pos):

current=self.head

count=0

previous=None

if self.size < pos:

return False

while count < pos :

previous=current

current=current.getNext()

count=count+1

previous.setNext(current.getNext)

pop

insert

size

isEmpty

search

remove

add/append

Node class

class Node:

def __init__(self,initdata):

self.data=initdata

self.next=None

def getData(self):

return self.data

def getNext(self):

return self.next

def setData(self,newdata):

self.data=newdata

def setNext(self,newnext):

self.next=newnext

init

setNext

setData

getNext

getData

Linux operating

shell script
admin command
rpm,yum,dpkg,apt-get
crontab
df -h,mount,
fdisk, quota
ps aux,top,kill,netstat,nslookup
chmod,chown,chgrp
regex expression tools
., *, ^,$, [],?,+
sed

sed '/tea/s//milk/g' filename

awk

awk '/good/ {print $3}' filename

grep

grep 'good' filename

basic command
I/O and Pipe >>,>,<<,< ,|
make

makefile

clean

main

ls,cd,mv,man,cp,locate,cat,find,echo,tail,sort,tr

iiuyr

Network

Network Security
ssl

handshake

authentication key exchange

slow

suitable

IPsec

model

esp

AH

penetration test methodology

testing

Reporting and Quantization of Severity

All vulnerability are assigned severity values to quantify the risk based on CVSS

All vulnerability found are documented in a report

high severity vulnerability report immediately

Test Evaluation and exploitation

if vulnerability cannot practically and safely exploited, it will be reported as-is with information

attempt to do safe and pratical exploitation and do report

Vulnerability Scanning

Metasploit

Burp Suite

Nessus

Nmap

Information Gathering

Initial Scanning

In-scope web site

DNS

syn common port

customer-provided

source code

hostnames

Ip adds

Zmap
password

tool

get hash

john

cryptograph

hash functiion

DSS

secure hash algorithm (sha)

to detect changes to message

symmetric

public keand & private key

key distribution

asymmetric

single key

sql injection

kali sql map

wifi

kali platform

Network Layer
OSI 7 layers

Physical

conveys bits stream

Hardware interface

Data Link

Mac

identify computer

LLC

interface between ntetwork and MAC, protocol multiplexing, flow control

packet decode and in code into bits

Network

congestion control

inter-network

addressing

forwarding

logical path

Transport

flow control

end to end recovery

transport

Session

manage connection between applications

Web request

SQL

Presentation

formats and encrypt

synchronize

TCP/IP 5 layers

physical

trammit each frame

Frame-ralay / data link

add frame header

IP

break segments to requirements

TCP

duplicate segments

segment data

Application

encrypt

data

Network Engineer
CCNP

Trouble Shooting

Switch

Route

EIGRP

does not have a complete map

only advertises its best route to its neighbour

neighbour relationship

Triggered updates

BGP

OSPF

Link-State

RIP

Distance vector

Get CCNA at 2010
Web
jquerry

codeAcademy course 50% finished

Database Sql

good at use command

take tutorial from w3cschool

html,css

codeAcademy course 100%finished