Origin of Ray

Why do we need a process?
What is the process and what does it consist of?
How does the process solve the problem?

This time, learn the basics of DOS (Distributed Denial-of-service) and DDOS (Distributed Denial-of-service).

上一篇博客结束，应该可以对Unity有个总体但是不深入不系统的理解，这次开始就从头系统得阅读官方文档来深入了解Unity的各种概念和功能。

Today, I took a look at the latest introductory tutorial on the Unity official website. In the process of watching, I simply summarized the concepts involved and the content that needs to be paid attention to.

Continuing with the previous summary, this time let’s talk about the operating system’s operating environment and architecture.

Recently, I seriously looked at the operating system from the beginning. I felt that I didn’t do anything in college, and the whole process seemed to be looking at new knowledge.

After reading a part of it, I feel that it can only form a little system, and I have a little understanding. To sum it up here, this should be a series.

Node.js allows you to run JavaScript outside of the browser. Due to its streamlined, fast, and cross-platform nature, Node.js can greatly simplify projects by unifying the stack. Although Node.js is not a web server, it allows servers (things that can be programmed in JavaScript) to exist in environments outside of the actual web client.
As Node.js becomes more and more popular, its security issues are the focus of hackers and security researchers.

The last blog analyzed the classification and basic combat methods of XSS, and this time I will continue to accept an XSS virus.

Definition

First, let’s analyze what is the XSS worm virus.

It is a cross-site scripting virus, mostly written in JavaScript, to break through the security restrictions of the browser, it is based on social engineering to induce users to click on the malicious invitation link to visit the site on the site to infect users, infected users and then send content containing worms to continue to infect secure users.

This blog can be linked to my last post aboutXSS 的分类与利用方式The pseudo-protocol and encoding bypass mentioned this time is also a code injection attack method. The pseudo-protocol provides another code injection point, and encoding bypass is the corresponding injection method.

XSS (Cross Site Scripting, pay attention to cross-site, not cross-domain, the difference between the two you can search for yourself) vulnerability is a commonplace front-end security threats.

But in fact, it still ranks in the top ten of the front-end vulnerability list so far.

In addition, I recently bought a course on cyber security vulnerabilities. Of course, the main purpose is to protect my information security, hahaha.

The course is roughly divided into five parts. The first part is the basics of security, which are all basic knowledge, such as HTML, CSS, JS, PHP, NGINX, Spring, network protocols, etc. In fact, it is a classic interview question. What will happen when you receive a webpage? This question is an excellent question. It can even be said that it is the backbone of all technologies on the Internet. Almost all of your knowledge can be linked to the real question.

The second part is the back-end security, a small part is about file upload vulnerabilities, or some Nginx vulnerabilities, most of them are about SQL injection, this part, read a little I think I should go back to see the database and then come back to see, because the basic do not understand.

So jump directly to the third part of the front-end security, up is this XSS, and refresh their own wave of cognition, record.