Identify security leaks in code

We will be using Gitleaks software to find security leaks. Here are the steps to identify leaks in your code repo -

Install gitleaks on your local machine. Click here to install. Check if it is installed successfully on your local machine.
Website> gitleaks --version
If its installed, it should show version of gitleaks.
Download sample.config file(see attachment) and copy on your local machine(this is the sample file with configuration/rules, you may change it as per your requirements).
Now git clone the repo on your local machine and goto your code folder.
Once you are in code folder, run gitleaks command.
Website> gitleaks --path=./ --config-path=../sample.config --verbose where, --path=./ => path of .git folder --config-path=../sample.config => path of sample.config file You can also download the report of leaks for sharing it with your team - Website> gitleaks -v --pretty --path [RepoPath] --config-path=../sample.config --report= [PathtosaveReport] where, --report = [PathtosaveReport] => Give the folder path where report should be saved.
It will take time from 1 minute to 30 minutes depending upon the size of folder and history.

(output of the gitleaks command)

🏀 Keep learning and sharing to build a strong community.

Comments

Create chatbot in 20 minutes using RASA

This blog will help you create a working chatbot with in 20 minutes. For creating chatbot we need following libraries to be installed- >> Python3 >> Pip3 >> Rasa Lets start installing all libraries & dependencies which are need for creating chatbot. Note: I have used MAC, therefore sharing commands related to it. You can install it on Windows, Linux or any other operating system using respective commands. 1. Install Python3 > brew install python3 > python --version #make sure you have python3 installed 2. Install Pip3 > curl -O https://bootstrap.pypa.io/get-pip.py > sudo python3 get-pip.py If you get issue related to Frameoworks while installing pip, follow below steps - > cd /usr/local/lib > mkdir Frameworks > sudo chown -R $(whoami) $(brew --prefix)/* Once installed check pip3 version > pip3 --version After python3 and pip3 is succeffully installed, proceed to next steps. 3. Install Rasa > pip

Could not load file or assembly 'Microsoft.Web.Infrastructure'

Could not load file or assembly 'Microsoft.Web.Infrastructure, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified. What 'Micorosoft.Web.Infrastructure' does? This dll lets HTTP modules register at run time. Solution to above problem: Copy 'Micorosoft.Web.Infrastructure' dll in bin folder of your project and this problem should be resolved. If you have .Net framework installed on machine, this dll should be present on it. You can search for this dll and copy it in your active project folder. Alternatively, you can install this dll using nuget package manager PM> Install-Package Microsoft.Web.Infrastructure -Version 1.0.0 Happy coding!!

AJAX Progrraming

Ajax , shorthand for Asynchronous JavaScript and XML , is a web development technique for creating interactive web applications. The intent is to make web pages feel more responsive by exchanging small amounts of data with the server behind the scenes, so that the entire web page does not have to be reloaded each time the user requests a change. This is meant to increase the web page's interactivity, speed, and usability. The Ajax technique uses a combination of: XHTML (or HTML) and CSS, for marking up and styling information. The DOM accessed with a client-side scripting language, especially JavaScript and JScript, to dynamically display and interact with the information presented. The XMLHttpRequest object is used to exchange data asynchronously with the web server. In some Ajax frameworks and in certain situations, an IFrame object is used instead of the XMLHttpRequest object to exchange data with the web server, and in other implementations, dynamically added tags may be used.

The noblest pleasure is the joy of understanding