A half-hour to learn Rust

 https://fasterthanli.me/articles/a-half-hour-to-learn-rust

Learn Rust by reading many small snippets explaining keywords and symbols.

Generate SECCOMP Profiles for Containers

 https://podman.io/blogs/2019/10/15/generate-seccomp-profiles.html

This blog post explains how to generate SECCOMP profiles for containers. This is possible using podman and eBPF filters. Custom SECCOMP profiles allow limiting the container to exactly those syscalls it needs.

Hello DNS

 https://powerdns.org/hello-dns/

Hello DNS is a project to write a easy to read/understand summary of the DNS specification. It provides an entrypoint to understand DNS given that the full DNS specification is easily 2000 pages in size.

IP Command Cheatsheet

 https://access.redhat.com/sites/default/files/attachments/rh_ip_command_cheatsheet_1214_jcs_print.pdf

The cheatsheet describes in few words what the different subcommands of ip do. It includes some other helpful networking commands for arping, ethtool, and ss, and provides a comparison with the older net-tools commands.

Learn Git Branching

 https://learngitbranching.js.org/

Learn Git Branching is an interactive git visualization and tutorial. The website contains multiple levels/tasks teaching different aspects of git. Each level starts with a goal and contains helpful instructions. The website features a fake command line for inputting git commands and an interactive git graph visualization, which shows the state of the repository in every step.

Pin and suffering

 https://fasterthanli.me/articles/pin-and-suffering

In the Pin and suffering article, the author fasterthanlime explains how to implement async functions in Rust. The article starts by implementing an async function and the problem of calling blocking functions. It continues with instructions on how to work with Pin and Unpin futures. At the end, the article explains how all of the above can be done without using the syntactic sugar of async functions.

Post-Mortem Python Plotting

 https://andyljones.com/posts/post-mortem-plotting.html

The extract function copies the local variables from the current function frame into the existing Jupyter session. If the Python code crashes, you can enter the debugger with the %debug magic and then use the extract function to copy the variables from the function frame into the Jupyter session. The variables can now be properly inspected, e.g., plotted.

The original URI above contains more details how to use this post-mortem debugging.

def extract(source=None):
    """Copies the variables of the caller up to iPython. Useful for debugging.

    .. code-block:: python

        def f():
            x = 'hello world'
            extract()

        f() # raises an error

        print(x) # prints 'hello world'

    """
    import inspect
    import ctypes 

    if source is None:
        frames = inspect.stack()
        caller = frames[1].frame
        name, ls, gs = caller.f_code.co_name, caller.f_locals, caller.f_globals
    elif hasattr(source, '__func__'):
        func = source.__func__
        name, ls, gs = func.__qualname__, (func.__closure__ or {}), func.__globals__
    elif hasattr(source, '__init__'):
        func = source.__init__.__func__
        name, ls, gs = func.__qualname__, (func.__closure__ or {}), func.__globals__
    else:
        raise ValueError(f'Don\'t support source {source}')

    ipython = [f for f in inspect.stack() if f.filename.startswith('<ipython-input')][-1].frame

    ipython.f_locals.update({k: v for k, v in gs.items() if k[:2] != '__'})
    ipython.f_locals.update({k: v for k, v in ls.items() if k[:2] != '__'})

    # Magic call to make the updates to f_locals 'stick'.
    # More info: https://pydev.blogspot.co.uk/2014/02/changing-locals-of-frame-frameflocals.html
    ctypes.pythonapi.PyFrame_LocalsToFast(ctypes.py_object(ipython), ctypes.c_int(0))

    message = 'Copied {}\'s variables to {}'.format(name, ipython.f_code.co_name)
    raise RuntimeError(message)

Python Format String Syntax

 https://pyformat.info/

Format string overview for the old and new format string syntax in Python. It shows for each thing you might want to perform, the old syntax (if existing), the new syntax and the output.

Real Python

 https://realpython.com/

Contains a comprehesive list of tutorials, ranging from beginner to advanced. Moreover, it contains community interviews with well-known Python users, a list of Python books and quizzes.

Rust Atomics and Locks

 https://marabos.nl/atomics/

The "Rust Atomics and Locks" book by Mara Bos provides in great detail information about concurrent programming in Rust. It starts with the concurrent programming concepts available in Rust. On this basis, atomics, locks, and channels are explained by builing a new one. At the end, it also covers processor and operating system details.

Rust Case Studies

 https://github.com/dtolnay/case-studies

This repository showcases some examples of tricky Rust code that I have encountered during my years working with a variety of advanced macro libraries in Rust (my own and others').

Rust Cookbook

 https://rust-lang-nursery.github.io/rust-cookbook/

The Rust Cookbook describes tiny common tasks you might want to do and shows how to solve them in Rust. It introduces many useful crates, which are widespread in the Rust ecosystem, but can also be used to look up solutions to common problems.

Rust practice.rs

 https://practice.rs/

The website provides tiny interactive tutorials to teach individual Rust concepts. Each tutorial is a tiny runnable Rust snippet. The snippet can be executed directly on the website, providing instant feedback.

Rustlings

 https://github.com/rust-lang/rustlings

The Rustlings project is a Rust project consisting of many small exercises. The exercises consist of small code pieces which need to be filled in and contain tests for checking your work. This trains reading and writing Rust code.

Subdomain Enumeration by Bastian Kanbach

 https://blog.apnic.net/2023/01/17/subdomain-enumeration-with-dnssec/

The blog post about Subdomain Enumeration in the APNIC blog provides a great overview of the techniques, defenses, and tools for it. Subdomain enumeration is the act of learning available subdomains in a zone using DNSSEC. This is with NSEC records and somewhat harder with NSEC3, due to hashing of names. The blog goes explains how online signing can combat subdomain enumeration, using the white lies or the black lies strategies. Lastly, it links to tools for performing these attacks.

Take your first steps with Rust

 https://learn.microsoft.com/en-us/training/paths/rust-first-steps/

First steps with Rust guide by Microsoft. It starts with the basics of installing the tools, the first program and continues with error handling, traits, and test writing.

Task-centered iproute2 user guide

 https://baturin.org/docs/iproute2/

Userguide for the newer ip command under Linux. The guide consists of different tasks one might want to perform and their corresponding ip commands.

Tcpdump advanced filters

 https://blog.wains.be/2007/2007-10-01-tcpdump-advanced-filters/

The website contains different tcpdump filters. It starts with basic filters and then builds up ever more complex ones. This is a good source for looking up complicated filters, if one does not want to write them themself.

The Hitchhiker’s Guide to Python!

 https://docs.python-guide.org/

A practical, continuously updated, handbook which provides insight into how to use Python, both as a beginner and as an expert.

Tour of Rust

 https://tourofrust.com/

Welcome to the Tour of Rust. This is meant to be a step by step guide through the features of the Rust programming language. Rust is often considered a language with a steep learning curve, but I hope I can convince you there's a lot to explore before we even get to complex parts.

The Tour of Rust is available in many languages.

explain.rs

 https://jrvidal.github.io/explaine.rs/

explaine.rs is an interactive playground to explore the syntax of the Rust Programming Language.

You can write any Rust code in the editor and the analyzer will allow you to click/tap on different keywords, punctuation elements and other bits of code and help you understand what they mean.

how2heap: Educational Heap Exploitation

 https://github.com/shellphish/how2heap

This repo is for learning various heap exploitation techniques. We use Ubuntu's Libc releases as the gold-standard. Each technique is verified to work on corresponding Ubuntu releases. You can run apt source libc6 to download the source code of the Libc your are using on Debian-based operating system. You can also click ⏵ to debug the technique in your browser using gdb.

Besides the hep exploitation examples the repo also contains references to helpful tools and further information about heap exploitation.