https://www.gravatar.com/avatar/c98408c8d07c9b601027012285345ca4?s=240&d=mp

Full Analysis to License Generation Process of Github Enterprise

overview Github Enterprise is a code hosting and project collaboration platform tailored by Github for enterprise users. It provides two different deployment methods: public cloud and private cloud. This article will explain in detail the process of generating and verifying the Github Enterprise (hereafter referred to as GHE) license and the idea of reverse analysis, and at the same time share the one-click registration machine I wrote, which is ready to use out of the box.

Debugging Docker Container Networking Issues with nsenter

Docker is a good thing, we all know it. Its advantage is “isolation”. All dependencies, listening network ports, and garbage files generated by running are isolated in the Docker container. Application data, logs, and service ports are exposed in a unified form by Docker, which is simple and easy to maintain. . But its shortcoming is also “isolation”. In the production environment, we certainly think that the cleanest environment is the best, but once some bugs are exposed, we need to operate the services in the container, such as writing Python, modifying database content, and debugging service connectivity, it’s time for a headache.

Android App Automation with Appium

Recently, when I was collecting WeChat official accounts, I extended a requirement. If I want to collect official accounts in batches, I must first obtain the list of official accounts I care about. The automation behind it is very complete, so I only need to obtain all The Chinese name of the official account, the whole process will be opened. But here comes the problem, the Chinese name is not easy to deal with.

Agile Mock API for Reverse Engineering: An Example with Krisp

When testing (po) test (jie) software, the last thing I want to encounter is that the target software has the function of network verification. Say you want to change the code, but you don’t know where there are hidden stubs in the code, and it is very troublesome to change all the input and output points. Said to cut off its Internet cafes, and not all software provides the function of offline activation.

Bypass Cloudflare Anti-scraping with Cyotek WebCopy + Fiddler

foreword As a CDN service provider, Cloudflare has the most sense of presence (and the most offensive time) when it pops up its DDoS protection page when browsing the website. Under normal circumstances, it’s okay, at most, like the page in the picture below, it will stay for a while. In some special network environments, or when performing some special operations (such as the crawler we are going to do in this article), Cloudflare will force users to enter a graphic verification code, and recently switched from Google’s reCaptcha to its own hCaptcha[^hcaptcha ], the reason is that reCaptcha asks for money.

Learn CodeQL in X Minutes

CodeQL is a white-box source code audit tool that organizes code and metadata in a very novel way, enabling researchers to “retrieve code like querying a database” and discover security issues in it. Last year, Github acquired Semmel, the company that developed CodeQL, and jointly established Github Security Lab. Semmel previously launched LGTM, a source code analysis platform for open source communities and enterprises. Security concerns, meanwhile, remain free to the open source community and developers like CodeQL.