All about Tutorial





Learn Git Branching

https://learngitbranching.js.org/

Git | Tutorial

Learn Git Branching is an interactive git visualization and tutorial. The website contains multiple levels/tasks teaching different aspects of git. Each level starts with a goal and contains helpful instructions. The website features a fake command line for inputting git commands and an interactive git graph visualization, which shows the state of the repository in every step.



Pin and suffering

https://fasterthanli.me/articles/pin-and-suffering

Cheatsheet | Rust | Tutorial

In the Pin and suffering article, the author fasterthanlime explains how to implement async functions in Rust. The article starts by implementing an async function and the problem of calling blocking functions. It continues with instructions on how to work with Pin and Unpin futures. At the end, the article explains how all of the above can be done without using the syntactic sugar of async functions.


Post-Mortem Python Plotting

https://andyljones.com/posts/post-mortem-plotting.html

Python | Tutorial

The extract function copies the local variables from the current function frame into the existing Jupyter session. If the Python code crashes, you can enter the debugger with the %debug magic and then use the extract function to copy the variables from the function frame into the Jupyter session. The variables can now be properly inspected, e.g., plotted.

The original URI above contains more details how to use this post-mortem debugging.

def extract(source=None):
    """Copies the variables of the caller up to iPython. Useful for debugging.

    .. code-block:: python

        def f():
            x = 'hello world'
            extract()

        f() # raises an error

        print(x) # prints 'hello world'

    """
    import inspect
    import ctypes 

    if source is None:
        frames = inspect.stack()
        caller = frames[1].frame
        name, ls, gs = caller.f_code.co_name, caller.f_locals, caller.f_globals
    elif hasattr(source, '__func__'):
        func = source.__func__
        name, ls, gs = func.__qualname__, (func.__closure__ or {}), func.__globals__
    elif hasattr(source, '__init__'):
        func = source.__init__.__func__
        name, ls, gs = func.__qualname__, (func.__closure__ or {}), func.__globals__
    else:
        raise ValueError(f'Don\'t support source {source}')

    ipython = [f for f in inspect.stack() if f.filename.startswith('<ipython-input')][-1].frame

    ipython.f_locals.update({k: v for k, v in gs.items() if k[:2] != '__'})
    ipython.f_locals.update({k: v for k, v in ls.items() if k[:2] != '__'})

    # Magic call to make the updates to f_locals 'stick'.
    # More info: https://pydev.blogspot.co.uk/2014/02/changing-locals-of-frame-frameflocals.html
    ctypes.pythonapi.PyFrame_LocalsToFast(ctypes.py_object(ipython), ctypes.c_int(0))

    message = 'Copied {}\'s variables to {}'.format(name, ipython.f_code.co_name)
    raise RuntimeError(message)


Real Python

https://realpython.com/

Python | Tutorial

It contains a comprehensive list of tutorials, ranging from beginner to advanced. Moreover, it contains community interviews with well-known Python users, a list of Python books and quizzes.


Rust Atomics and Locks

https://marabos.nl/atomics/

Rust | Tutorial

The "Rust Atomics and Locks" book by Mara Bos provides in great detail information about concurrent programming in Rust. It starts with the concurrent programming concepts available in Rust. On this basis, atomics, locks, and channels are explained by builing a new one. At the end, it also covers processor and operating system details.






Subdomain Enumeration by Bastian Kanbach

https://blog.apnic.net/2023/01/17/subdomain-enumeration-with-dnssec/

DNS | DNSSEC | Tutorial

The blog post about Subdomain Enumeration in the APNIC blog provides a great overview of the techniques, defenses, and tools for it. Subdomain enumeration is the act of learning available subdomains in a zone using DNSSEC. This is with NSEC records and somewhat harder with NSEC3, due to hashing of names. The blog goes explains how online signing can combat subdomain enumeration, using the white lies or the black lies strategies. Lastly, it links to tools for performing these attacks.


TLS, byte-by-byte

https://bytebybyte.dev/

TLS | Tutorial

The website shows and annotates a real TLS handshake for the website. It shows each message that is transferred and explains the values that are seen. For this, a JavaScript TLS library is used that communicates with the website. The communication is then displayed.






The Illustrated QUIC Connection

https://quic.xargs.org/

QUIC | TLS | Tutorial

The website shows an example QUIC connection and displays the messages sent by client and server. The visualization contains the transferred messages and computation steps that need to be performed on each side. The visualization contains explanations of the steps, including code snippets. Each byte for the transferred messages has further annotations to it.


The Illustrated TLS 1.3 Connection

https://tls13.xargs.org/

TLS | Tutorial

The website shows an example TLS 1.3 session and displays the messages sent by client and server. The visualization contains the transferred messages and computation steps that need to be performed on each side. The visualization contains explanations of the steps, including code snippets. Each byte for the transferred messages has further annotations to it.


Tour of Rust

https://tourofrust.com/

Rust | Tutorial

Welcome to the Tour of Rust. This is meant to be a step-by-step guide through the features of the Rust programming language. Rust is often considered a language with a steep learning curve, but I hope I can convince you there's a lot to explore before we even get to complex parts.

The Tour of Rust is available in many languages.


explain.rs

https://jrvidal.github.io/explaine.rs/

Rust | Tutorial

explaine.rs is an interactive playground to explore the syntax of the Rust Programming Language.

You can write any Rust code in the editor and the analyzer will allow you to click/tap on different keywords, punctuation elements and other bits of code and help you understand what they mean.


how2heap: Educational Heap Exploitation

https://github.com/shellphish/how2heap

CTF | Tutorial

This repo is for learning various heap exploitation techniques. We use Ubuntu's Libc releases as the gold-standard. Each technique is verified to work on corresponding Ubuntu releases. You can run apt source libc6 to download the source code of the Libc you are using on Debian-based operating system. You can also click ⏵ to debug the technique in your browser using gdb.

Besides the heap exploitation examples the repo also contains references to helpful tools and further information about heap exploitation.