Testing XXE Vulnerabilities In .NET Core
Did you know how to steal data using XML? I don’t. Wade Gausden tested the current version of .net core to be sure that this is still possible. Many people think that “hacking” is about scanning assembly code and reading HEX data on the fly. But this example shows the opposite: if you know the technology well - you may crack the site :)
Scientist.net is not about what you think
This library allows you to make an experiment. Let’s imagine you have complete complicated refactoring. You have a bunch of tests and tested it by hands, all your colleagues reviewed it, but you don’t 100% sure that the new solution has the same results as the old way. I’t on GitHub
Lazydocker
Are you love console GUI? Far is your best file explorer? Here is the app to help you with docker. It has all features you need: see logs, metrics, attach the process, manage containers, etc. I’t on GitHub. Same tool for k8s. A bit more information about tools is here.
Playwright
Do you want an ent-2-end test for your UI app, but without a big-long coding marathon? Playwright solves the problem. It’s like Selenium or Cypress or Puppeteer, but Playwright. You can write tests on any supported language: JavaScript, TypeScript, Python, C#, and Java. But the most interesting feature for me is code generation. You may run Playwright in a special mode and generate on any supported language the test skeleton just by clicking scenario in a browser! Here is the podcast with the program manager on the Playwright team(demo starts from 13:30), It’s on GitHub, Official site