Categories
Uncategorized

End of Fall Term

Capstone Updates

The capstone is coming along wonderfully. I’ve implemented a nodejs server with express, and I’ve prototyped the attack on path traversal through this web app. Right now, it sends an exploit for path traversal through the clients web browser with a request using fetch, and updates an iframes contents with the output of the path traversal vulnerability. In the next project iteration, I will create an endpoint on the node app, like /request, which will take a string and make the exploit request, and send back the results it gets to the client, because it’s bad practice to demonstrate exploits through client side Javascript code, and ultimately this tool is a demonstrative and educational tool. If this project is being hosted on a server that’s accessible to the web, I can just have the vulnerable machine only whitelist its IP, and this wont be possible if the exploits are coming from random clients IP addresses. Overall, I’m feeling very good about the development we’ve done so far, and I look forward to seeing where this project goes. I really enjoy working with node.js, it’s been a while.

Here’s the Github repo in case you want to check it out:

https://github.com/sharoninator/Website-Security-Tool

Job Updates

Still no offers or interviews, the market seems pretty rough for junior software developers. I’ve branched out to also applying to positions like cloud engineering and DevOps, which is similar to what I do now at the Open Source Lab. I’m optimistic that I’ll find something eventually, with enough grit and applications. I also know a few people in the industry, and they might be able to help me out with getting references. I’ve been grinding leetcode lately to practice for interviews. I find it quite fun, and I can tell I’m getting better at solving problems than I was when I first started. Winter break is coming up, and I’ll be on vacation for part of it, but the other part I’ll probably spend doing leetcode and applying for jobs.

Leave a Reply

Your email address will not be published. Required fields are marked *