Binary Cookies

Go (golang) implementation of an encoder and decoder for the Binary Cookies file format used by Safari and other applications based on WebKit to store HTTP cookies. A CLI program is also included to allow you to inspect and manipulate the binary cookies from the commodity of your Terminal.

Baburu (バブル)

Baburu (バブル) a minimalistic, native and open-source push notification service for macOS written in Swift 5. The app allows you to configure access to a self-hosted web API service that stores and delivers JSON objects that are immediately translated into native user notifications.

Hacking a Git Repository

Rebuilding a Git repository using public accessible files is easier than many people think, and so leaving your “.git” folder in your production servers —or any public server at all for that matter— opens a huge hole in your security if what you are tracking there is highly sensitive like source code and credentials.

Apple GDPR Data Export

After the European Union put in march the implementation of the GDPR law, thousands of people started to exercise their data exportability rights by requesting different companies to send them an archive with all the information that they have collected from them. I have decided to sum myself up to the list of people requesting their data, and this time I did so with Apple.

Hex Fiend Templates

Binary Templates are a new feature in Hex Fiend that allow you to visualize the structure of a binary file. They are implemented in Tcl since this language is easy to embed, easy to write, has a ton of features, and already ships with macOS. This feature enables the researcher to easily identify key parts of the binary file that is being studied.

Go (golang) + Vue.js

Exploring a bit more about modern front-end development and the most popular JavaScript frameworks like Angular.js, React.js, Vue.js I went ahead and compared the development process and requirements and ended up with a lightweight approach to fire up a web application using Go for the back-end and Vue.js for the front-end without the overhead of Node.js and NPM.

Language Server Protocol

The Language Server protocol is used between a tool (the client) and a language smartness provider (the server) to integrate features like auto complete, go to definition, find all references and alike into the tool. The LSP was created by Microsoft to define a common language for programming language analyzers to speak.

Text Editor Latency

Editor latency is the delay between an input event and a corresponding screen update, in particular case - the delay between keystroke and character appearance. While there are many kinds of delays (caret movement, line editing, etc), typing latency is a major predictor of editor usability.

Bloom Filters, Probabilistic

A Bloom filter is a space-efficient probabilistic data structure that is used to test whether an element is a member of a set. False positive matches are possible, but false negatives are not, thus a Bloom filter has a 100% recall rate.

When GitHub Goes Down

As of 21 Oct, 2016 GitHub is down due to an intermittent DDoS attack against one of the biggest DNS services, DYN. Fortunately Git is a distributed protocol and if you are a conscious developer you surely have alternative origins to push your code and/or to populate deployment.

Scikit-learn Installation (Linux Mint)

Scikit-learn is a free software machine learning library for the Python programming language. It features various classification, regression and clustering algorithms including support vector machines, random forests, gradient boosting, k-means and DBSCAN, and is designed to interoperate with the Python numerical and scientific libraries NumPy and SciPy.

MI5 Coding Challenge

MI5 (Military Intelligence, Section 5) is the United Kingdom's domestic counter-intelligence and security agency and is part of its intelligence machinery alongside the Secret Intelligence Service (MI6), Government Communications Headquarters (GCHQ) and Defence Intelligence (DI). The service is directed to protect British parliamentary democracy and economic interests, and counter terrorism and espionage within the UK.

CtCI - Grade School Algorithm

Cracking the Coding Interview; Grade School Algorithm; A multiplication algorithm is an algorithm (or method) to multiply two numbers. Depending on the size of the numbers, different algorithms are in use. Efficient multiplication algorithms have existed since the advent of the decimal system.

CtCI - Snail Sort

Cracking the Coding Interview; Snail Sort; Snail Sort is an algorithm that takes a multi-dimensional array and flattens it to create a new array with all the elements from the matrix but in the same order as a snail shell. This is, starting from the left side of the first array in the matrix and ending on the center of it as pictured below.

CtCI - Making Anagrams

Cracking the Coding Interview; Making Anagrams; Alice is taking a cryptography class and finding anagrams to be very useful. We consider two strings to be anagrams of each other if the first string's letters can be rearranged to form the second string. In other words, both strings must contain the same exact letters in the same exact frequency For example, "bacdc" and "dcbac" are anagrams, but "bacdc" and "dcbad" are not.

CtCI - Array Left Rotation

Cracking the Coding Interview; Array Left Rotation; A left rotation operation on an array of size N shifts each of the array's elements one unit to the left. For example, if two left rotations are performed on array [1,2,3,4,5], then the array would become [3,4,5,1,2]. Given an array of N integers and a number, D, perform D left rotations on the array. Then print the updated array as a single line of space-separated integers.

CtCI - Simplify Selection Ranges

Cracking the Coding Interview; Simplify Selection Ranges; You are given an array of numbers and must simplify the array by replacing ranges of three or more items with the shorthand N-M equivalent and returning the result as a string, sorted from lowest to highest.

CtCI - Triforce Secret Realm

Cracking the Coding Interview; Triforce Secret Realm; Link has been sent to the Secret Realm to find the Triforce and save Hyrule. But the vile Ganondorf followed Link into the "Temple of Time", trapped him, and took the Triforce for himself. The "Temple of Time" has been closed for a thousand years now, but the Sages finally found you and they need your help to open the Temple of Time's door and join Link in the ultimate battle.

CtCI - Glass Stacking

Cracking the Coding Interview; Glass Stacking; You are given a number N of glasses. Your job is to determine the largest pyramid that can be built with the glasses provided, and then create that pyramid in the output. A glass is represented in by an arroba. Each floor in the pyramid must be centered and the glasses must be separated by a single white space between them.

CtCI - Sum Pair Finder

Find a pair of indexes in an unordered integer array where the sum of the numbers in both indexes is equal to the target. If the solution uses brute-force find a way to optimize the solution to find the pairs indexes faster. Assume that one and only one pair of indexes sums up to the target, so you do not need to keep comparing the results after you find the first pair of indexes.

CtCI - Overlapping Ranges

Cracking the Coding Interview; Overlapping Ranges; Given a list of objects containing the login and logout times for multiple users, determine what is the maximum number of concurrent users logged in at the same time.

CtCI - Integer to String

Cracking the Coding Interview; Integer to String; Given an unsigned integer, return the corresponding ASCII character representation without using language built-in features.

CtCI - Balanced Parenthesis

Cracking the Coding Interview; Balanced Parenthesis; Determine if there is a parenthesis balance in a given string.

Cracking the Coding Interview

Cracking the Coding Interview, a book that gives you the interview preparation you need to get the top software developer jobs. This is a deeply technical book and focuses on the software engineering skills to ace your interview. This is a series of short non-listed articles about data structures and algorithms.

Google Billboard Puzzle

Have you seen this billboard before? This was part of a campaign to recruit engineers to work at Google in 2004, and since then it has become a recurrent approach by recruitment companies to bring geniuses to work for the big four IT companies, even today more than ten years after this billboard we still can find challenges like this as a starting point for an interview process.

Rudimentary Password Manager

Choosing a strong password nowadays seems like a difficult task considering how powerful computers are, they can break many of the encryption algorithms that are publicly available. OpenSSL with a little bit of AES is what I use to manage my own accounts.

Varnish Cache

Varnish Cache is a web application accelerator also known as a caching HTTP reverse proxy. You install it in front of any server that speaks HTTP and configure it to cache the contents. Varnish Cache is really, really fast.

FastCGI Server

This is a guide for the installation and configuration of a fastcgi server called php-fpm for a local development environment (even so this guide can be used to install it in a production server with the same functionality).

Nginx Server

This is a guide for the installation and configuration of a nginx server for a local development environment (even so this guide can be used to install nginx in a production server with the same functionality).

GitHub Username

I was looking around when suddenly I remembered that in the past I saw a GitHub account with a single letter as username, so I wanted to check how many single-letter-accounts were available at this time, and wrote a script to quickly check the availability of those usernames.

Android Kitkat

Android is the operating system that powers over 1 billion smartphones and tablets. Since these devices make our lives so sweet, each Android version is named after a dessert: Cupcake, Donut, Eclair, Froyo, Gingerbread, Honeycomb, Ice Cream Sandwich, and Jelly Bean.

Fontconfig Warning

After an upgrade of Linux Mint Debian Edition I've found a little bug in the Font Config package, this warning is shown on almost every Terminal execution, including multimedia streaming, some Gimp plugins and even Zenity has stop working.

GitHub Contributions

Hello, today I'm coming with a very simple article, but with a curious image. This post doesn't have a technical explanation, it is just something that I want to share because it was funny to achieve this thing Cixtor GitHub Contributions.

Laravel App Generator

Laravel Application Generator is one of the tools part of the MamuTools project, this was created to accelerate the creation process of an application based on Laravel giving the possibility to install Composer if it is not detected in the system, this can be helpful for a development in a shared hosting or if you don't have the knowledge to install external software in your system.

Node-Webkit

Node-Webkit it's a web application runtime based on Chromium and Node.JS that lets you integrate Node.JS functions and modules directly from WebKit DOM and enables a new way of writing native application with all web technologies.

NGrok Secure Tunnel

NGrok is a network application built to provide introspected tunnels to localhost. Basically it allow you to expose securely your local web server to the Internet and capture all traffic for detailed inspection and replay.

Chrome Upgrade

Personally I don't install new software in my Linux computer using a package manager, sometimes those programs are installed with the stable version available in the repositories of the distribution you use. And sometimes there are programs unavailable in those repositories.

Heml.is

Heml.is the beautiful and secure messenger built by Peter Sunde, Leif Hogberg and Linus Olsson, all this primarily by the leak from Edward Snowden that made this people understand that this is needed.

Learn GIT

GitHub offers free, short, topical online classes about GitHub, Git, and the union of these two technologies. We rotate through various topics every few months and are constantly looking to introduce new topics and concepts into the mix.

Medellin 2018 - Youth Olympic Games

The Youth Olympic Games (YOG) is an international multi-sport event held every four years, created by the International Olympic Committee (IOC) for participating athletes from around the world between the ages of 15-18.

Laravel Framework

Almost a year ago I decided to stop using PHP as a language for my projects and decided to start developing all my web type projects using frameworks for Ruby, I can now say I've mastered Ruby on Rails and Sinatra.

GIT Repository Updater

Being an autodidact developer I'm always looking new technologies to test out in my machine, counting new tools, languages and libraries. Almost sixty percent of all that information came to me in GIT Repositories, sometime ago I've created a script to clone those repositories mainly hosted on Github to compress those files in a BZip2 package, but then I wanted to have a tool to synchronize locally the latest version of some projects.

Angular.JS

After months working with MVC Frameworks for JavaScript like BackBone.JS, Cappuccino, JavaScript-MVC, Ember.JS, HandleBars, Sammy.JS, Spine.JS I've decided that Angular.JS will be my choice for a long time since now. Why?, well that's a good question, each technology has advantages and disadvantages so I won't say Angular.JS it's better than the others because they all have advantages that others do not have.

Little Alchemy

Little Alchemy is a chemical game in the category puzzle and brain offered in the Google Chrome WebStore where you can mix elements to create others, at the beginning you have only four basic elements in your library.

GMail Plus Addressing

Use GMail to find and block the source of email Spam. GMail Plus Addressing is a very useful trick to save your mailbox from SPAM. And if you get Spammed, you know exactly which website or on-line service leaked your email address to those Spammers.

ISS with Linux

It's hard to get tech support 400 kilometers away from the Earth, which is why Keith Chuvala of United Space Alliance, a NASA contractor deeply involved in Space Shuttle and International Space Station operations, decided to migrate to Linux.

Light Table

Light Table is a new interactive IDE that lets you modify running programs and embed anything from websites to games. It provides the real time feedback we need to not only answer questions about our code, but to understand how our programs really work.

Google URL Shortener

An URL Shortener is a service that takes long URLs and squeezes them into fewer characters to make a link easier to share, tweet, or email to friends. Using a shortened URL leaves more room to say what's on your mind.

Brightness Control

Screen brightness can often be tricky to control. On many machines, physical hardware switches are missing and software solutions may or may not work well. Make sure to find a working method for your hardware! Too bright screens can cause eye strain. There are many ways to adjust the screen backlight of a monitor, laptop or integrated panel (such as the iMac) using software, but depending on hardware and model, sometimes only some options are available.

Kali Linux

Some days ago I've decided to say goodbye to BackTrack from my computer, due to the old repositories it has, the multiple problems with the kernel and because Offensive Security (the guys behind the maintenance of this Linux distribution) released a new project called Kali Linux to replace in the future BackTrack itself.

GIT LAN Repository

GIT is a distributed revision control and source code management (SCM) system with an emphasis on speed, initially designed and developed by Linus Torvalds for Linux kernel development; it has since been adopted by many other projects.

MemSQL - The Fastest Database

MemSQL places data into memory and translates SQL into C++ for the utmost optimization in query execution. This enables MemSQL to write and read data at incredible speeds, and by offering a relational interface, you can unify the data you'd normally store in a short-lived medium-cache or key-value store-and place it directly into a database along with your existing data.

Web Performance - Mobile

Due to the limited CPU capabilities of mobile devices, the high round-trip times of mobile networks, and the rapid growth of mobile usage, it is even more critical to understand and optimize for mobile performance than for the desktop.

Web Performance - Browser Rendering

Once resources have been downloaded to the client, the browser still needs to load, interpret, and render HTML, CSS, and JavaScript code. By simply formatting your code and pages in ways that exploit the characteristics of current browsers, you can enhance performance on the client side.

Web Performance - Payload Size

Minimizing the payload size of both dynamic and static resources can reduce network latency significantly; in addition, for scripts that are cached, cutting down their byte size speeds up the time the browser takes to parse and execute code needed to render the page.

Web Performance - Request Overhead

One way to cut down client request time is reducing the number of bytes uploaded as request header data keeping cookies and request headers as small as possible ensures that an HTTP request can fit into a single packet limited widely by the most used networks to approximately 1500 bytes per packet.

Web Performance - RTT

An important strategy for speeding up a web-page is to minimize the number of RTT that need to be made, since the majority of those RTT consist of HTTP requests and responses, it's especially important to minimize this number that the client needs to make and to parallelize them as much as possible.

Web Performance - Cache

Most web pages include resources that change infrequently, such as CSS files, image files, JavaScript files, and so on.

Web Performance

Internet is a complicated environment when we have a website without optimization, because generally the users can only wait for our content a few seconds before click on another link and leave our website.

Ruby Server Monitor

This was a post requested by a visitor of this website, here I speak about some tools that I use usually in my work administrating servers and preventing vulnerabilities in the company's web applications. Well, basically as a server administrator we need to be vigilant to possible disk space problems, memory exceeding or hacking attempts, so that I decided to write this script in Ruby.

Python Web-Frame

After explain how to create a Python GTK/Webkit application to load a website inside a GTK+ window generated with Python I decided to use this knowledge to embed some applets in local windows.

Debian 6.0.4 Squeeze

I am showing in this video screencast the installation process of one of the most powerfull linux distribution: Debian. I explain the disk partition process and a few startup configurations; with GNome desktop environment.

PHP jQuery WebTerminal

I am a Security Analyst, so all the time in my work I found many request attempts searching vulnerabilities in the web applications of my host; so I decided to develop a simple PHP WebTerminal script where I could test the php.ini file configuration, specially the parameter disable_functions and another security things.

Sublime Text

I'm pleased to announce that my newest course on Tuts+ Premium** is out and FREE to everyone. I have a confession: I'm a code editor addict, and have tried them all! He was an early adopter of Coda, a TextMate advocate, even a Vim convert. But all of that changed when discovered **Sublime Text**, the best code editor available today.

PHP XDebug

XDebug is a PHP extension, created by Derick Rethans one of the PHP core developers, which will helps you debugging your script by providing a lot of valuable debug information including multiple features.

VM Network Types

When you're using a Virtual Manager like VirtualBox or VMware Player you would like to use that virtual machine as another computer in the LAN or just have internet in it; well these virtualization's software let you configure this feature providing some types of network interfaces to use in the machine when it's running.

Google Profile Search

This is just a curiosity. How your Google+ profile appears in a result search.

GIT Package Repository

Every day when I surf over Internet I download many resources like images, scripts and full packages of something that I don't know yet, because you know, I want to learn many things; those packages are generally GIT Repositories composed for a large tree of folders and files.

PyroCMS Attachment

The blog module in PyroCMS has good features and a very interesting interface to create/edit contents in a common (or maybe complex, why not) website, but it missing something, a featured image field.

RubyGems Install

If you've seen my videos in youtube, you can assume that I use a Linux distribution called Backtrack; however, it has a lot of scripts developed in Ruby, the problem is in the way to install the ruby gem's documentation by default in the system.

The Pirate Bay - Search

This is just a GTK Launcher for GNome desktop environment that show an GTK+/Zenity widget where you can type an string and when you hit the OK button the xdg-open package will execute the default web-browser chosen by the alternatives settings in your system and will search in the worlds largest bittorrent tracket.

PyroCMS Module (Upgrade)

This is how to upgrade a PyroCMS module; a process very-very easy (but some people couldn't understand how to do this); a module upgrading let us change many features of the module itself like the table structure, settings and maybe integration with other modules.

PyroCMS Module

This is how to create a PyroCMS. PyroCMS is one of the most powerfull CMS in the web, nor Wordpress nor Joomla count in the list because no one of them have a framework below their codes; in first place Wordpress is a functional/procedural project where we write functions and return values to get data in/out the database, and in second place Joomla just has an API (very extensive and heavy to learn in one life); I don't like these CMS systems (and many others) not because they haven't a framework behind them, but because they haven't and standard/structure to develop new features.

PyroCMS Installation

In the version 2.1.4 of the installer of PyroCMS it will give us this welcome message followed by a button that will let us continue with the step #1 of the installation.

Pre-configure Web-package

Before the installation or any web-package that you will use in a public web server, you need to be sure that your files/folders in the package have the properly permissions according to the Linux Security Laws; first you should know that all folders in an UNIX file system should have 0755 octal permission and the files 0644.

DNS Resolution

Many times when I make changes to access restrictions in my website, or when I create new domains in my host I become frustrated when I find that my computer can not recognize the DNS IP addresses of those, someone might think: Hey, why not purge DNS cache of your computer, something very easy in Linux simply restarting the bind9 server.

Ruby Apache Log-Viewer

I am a Security Analyst, and all the time in my work I found many request attempts searching vulnerabilities in web applications hosted by the company where I work; so I decided to write a simple Ruby script parser which will allow me to view the Apache2 Logs easily, and then, try to identify the fingerprint of the attackers. Also I advise of some Apache2 Security Tricks, that prevent common hacking attempts.

Apache Security Tips

I am a Security Analyst, and all the time in my work I found many request attempts searching vulnerabilities in web applications hosted by the company where I work; so I decided to write a simple Ruby script parser which will allow me to view the Apache2 Logs easily, and then, try to identify the fingerprint of the attackers. Also I advise of some Apache2 Security Tricks, that prevent common hacking attempts.

Ruby LCD Display

The LCD-Display its a common code contest from ACM Chanllenges, basically the code should display a Number (input) in LCD-Display format (like digital clocks). I decided to develop this script in Ruby (because is easily) and after test the Input/Output of the script with a simple UNIX Date command output.

Ruby Webpage Parser

This is how to parse a Website with a Ruby script. All the time when I'm searching over Internet documents (and some funny contents, like manga... yeah I love manga) I found many interesting contents, really so many, and I couldn't view all of them; generally I ended writing scripts to download those mutlimedia contents (generally videos in Youtube) and review them with more time in my computer. Maybe you or someone else have this same wish, so that's why I decided to show how do I do this... How to Parse a Website with a Ruby script.

Bash Zenity Python

I have three python versions installed in my computer, each one has differents modules and configurations, I want to have a single file that let me choose the python binary file that I wish to use; so that's why I decided to write a Bash/Zenity script with a Python binary list allowed to use (and a GNome desktop shortcut entry to access it from the Main menu).

Ruby Password Generator

How to generate a random password like a Ninja; Yeah, I'm exited creating passwords for all my Internet accounts every week, so I decided to develop a quick script in Ruby to generate a list of passwords easily like CPanel style.

Python GTK Webkit

This is how to create a web browser engine application using one of the powerfull and understandable libraries WebKit used by Safari web browser and in a few range by Google Chrome (I personally prefer the Mozilla project, but XUL engine it's very difficult to understand for newbies, so that I decided to use PyWebkitGTK (by now).

Hello world

Hello world! I am Yorman, a Software Engineer from Vancouver, Canada with more than +10 years of experience in the field - since 2006 - using system programming languages like Vala, Swift, Go (GoLang), C++ and GUI libraries like GTK and QT as well as scripting languages like Bash and PHP - some limited experience with Ruby and Python - and web technologies like HTML, vanilla JavaScript and CSS. I also have experience working as a security analyst, doing malware research and penetration testing, OWASP and some OpenVAS and OSSEC tools.

Do you have a project idea? Let's make it together!