[ Continue reading this over at RedmondPie.com ]
If you’d like to delve into web penetration testing, Becoming the Hacker is a clear guide to approaching this lucrative and growing industry.
This free book (worth $32) takes you through commonly encountered vulnerabilities and how to take advantage of them to achieve your goal. You’ll then go on to put your “newly learned techniques into practice, going over scenarios where the target may be a popular content management system or a containerized application and its network”.
Topics covered include:
- Introduction to attacking web applications
- Advanced brute-forcing
- File inclusion attacks
- Out-of-band exploitation
- Automated testing
- Practical client-side and server-side attacks
- Attacking APIs
- Attacking CMS
- And more
By developing a strong understanding of how an attacker approaches a web application, you’re placed in a strong position to help companies protect their own applications from these vulnerabilities.
This book is aimed at readers with basic experience with digital security, such as running a network, or coming across security issues when developing an application.
Want to download your free copy? Simply click here to download Becoming the Hacker from TradePub. You will have to complete a short form to access the ebook, but it’s well worth it!
Note: this free offer expires 3 Mar 2020.
Read the full article: Download “Becoming The Hacker” For FREE (Worth $32)
Accessing regular websites in order to stream copies of the latest movies and TV shows is still popular among Internet users but the rise of set-top boxes and portable devices has fueled the uptake of app-based piracy tools.
It’s a cramped marketplace but last year TeaTV gained notable traction and was installed by hundreds of thousands, maybe even millions, of pirates looking to access video at zero cost. This momentum earned TeaTV a place in an October 2019 CNBC feature, something which triggered even more interest in the tool and its disappearance from the web.
In the wake of that piece, a source close to TeaTV informed TF that the software (which is available for Android, Windows and macOS) would be back, a promise that was later fulfilled. However, it now transpires that Hollywood is attempting to disrupt access to the tool via complaints filed with code development platform Github.
A notice filed by the Motion Picture Association (MPA) this week begins by referencing the CNBC article, noting that TeaTV “is an app notoriously devoted to copyright infringement.” It reveals previous correspondence with Github during October and November 2019, and January 2020, and thanks Github “for its additional guidance” offered by the Microsoft-owned platform late December 2019.
“We previously provided you links to the Github repositories that TeaTV is using and are now providing you with the attached file titled ‘GitHub-Code’ which shows code hosted on Github that provides links to pirate sites with infringing copies of motion pictures and television shows that are scraped by the TeaTV app to provide access to the infringing content users are looking for,” the complaint reads.
Four repositories listed by the MPA in previous notices have already been taken down but the MPA has now taken further action by demanding the deletion of repos carrying the three executable files for the Android, Windows, and macOS variants of TeaTV.
“Also attached is a file titled ‘GitHub-Executables’ which shows that the final version of the app is available for download from the GitHub platform. These executable files are pre-configured to infringe copyright-protected motion pictures and television shows that are owned or controlled by our Members,” the MPA writes.
Additionally, the Hollywood group says it carried out a network traffic analysis on the TeaTV app and found that its API connected to accounts on Github, located at three URLs, all of which should be removed.
After the MPA reminded Github of the 2005 MGM v. Grokster decision, noting that “the distribution of a product can itself give rise to liability where evidence shows that the distributor intended and encouraged the product to be used to infringe”, Github removed all of the URLs listed in the complaint, leaving the familiar “unavailable” notice behind.
While the MPA will be satisfied with the suspension of the pages, its takedown notice also asks Github to consider 17 U.S.C. § 512(i)(1)(A), which grants an exemption from liability for service providers when they take action against repeat infringers.
“The limitations on liability established by this section shall apply to a service provider only if the service provider…has adopted and reasonably implemented, and informs subscribers and account holders of the service provider’s system or network of, a policy that provides for the termination in appropriate circumstances of subscribers and account holders of the service provider’s system or network who are repeat infringers,” the code reads.
The main TeaTV account and repository are currently active but with no content available. TeaTV.net, however, is still online, as is the .XYZ domain from where the clients can be downloaded and movies and TV shows streamed, albeit in a cumbersome fashion when compared to the app.
TorrentFreak requested comment from the operators of TeaTV as to whether the MPA had been in touch directly. At the time of publishing, we were yet to receive a response.
The no-code movement is taking the internet by storm. If you want to learn how to build apps, websites, and digital products without any coding expertise, this is where to start.
The idea behind the no-code movement is to allow non-engineers to build a great product. These are specialized tools to develop anything you want, and you don’t need any coding knowledge or experience whatsoever. There’s a similar other low-code movement which relies on minimal coding experience.
The no-code philosophy is all about empowering non-techies to enter the world of technology. You can’t escape smartphones or the internet, but you don’t have to hire developers or learn coding to get into them.
1. NotRealTwitter and Nocode Hub (Web): What Are People Building Without Code?
You might think that these no-code websites and apps will be quite basic. Perhaps you can only make static pages or simple online business sites. You couldn’t be further from the truth. Nocode Hub is a directory of fantastic sites built without code, and NotRealTwitter has become a shining example of just what’s possible.
NotRealTwitter is an entire clone of Twitter, built without code. It looks, feels, and functions like the microblogging social network, and is an experiment to show just how much you can do with no-code sites. Try it out, you can check out the whole system through guest accounts.
Meanwhile, Nocode Hub takes it one step further to showcase products made without code. It largely divides them into eight website categories: aggregation, community, review, matchmaking, job boards, landing pages, marketplaces, and general apps. Each site shows which no-code tools were used to build it, so you can use it as inspiration for your own code-free product. Go ahead, start making.
2. NoCode (Web): Directory of Tools, Articles, and a Thriving Community
NoCode is one of the best places to get started with understanding the no-code philosophy and find the tools you need. The website is a collection of apps that help you build any product without code, see what others are doing, and even talk with community members.
Start with the directory of tools, which spans a number of different categories. You’ll find website builders, app builders, form and survey tools, newsletter generators, design tools, customer support, analytics, usability testing, and a whole lot more. Each category has multiple tools, with a short description of what sets them apart.
The showcase is a nice portfolio of “built without code” apps and websites. You can also see which tools were used to build them, and the developers often leave a helpful write-up about their process.
Finally, the articles and community section are where you should head for more information. Both these resources are filled with resources to help no-code makers to find just how to go from concept to execution.
3. No Code List (Web): All the No-Code Resources in One Place
Like NoCode, this is another website that aggregates all the no-code tools, apps, and resources you will need to make your own product.
No Code List divides software into build, grow, and run as large categories, with several sub-categories for every type of program you’d need. It also links projects to tools, so you can see where it is being used. The website adds new software to the database every Friday, and already has the most comprehensive collection among such curators.
The resources section links you to various other websites, Slack channels, communities, and other proponents of the no-code movement. In Agencies and Stacks, you’ll find paid services to make your project journey easier.
4. No-Code Coffee (Web): Daily Newsletter for a Quick No-Code Update
Michael Gill is a no-code evangelist who regularly tracks new projects, developers, and tools. He turned this knowledge into a daily email newsletter that serves as a quick update on the world of no-code.
The newsletter comes with three new elements every day:
- A no-code tool to build something cool
- An interesting no-coder to learn from
- An awesome no-code product to show you what’s possible.
Each newsletter starts with a quick introductory thought for no-code makers. And of course, Michael adds his own reasons for checking out each of the three recommended items.
Currently, there isn’t an easy directory of all newsletters sent so far. But once you sign up and get your first email, open the Mailchimp link in a new to find a link to Past Issues.
5. No-Coders Club (Web): Business Side of No Coding Movement
The no-code movement gives you the tools to build your own product without knowing programming. But there is a lot more to shipping something cool than just the code. If you want to start but don’t know where, you’ll find good advice from chartered accountant Luqman Z.A.
The No-Coders Club is Luqman’s blog to chronicle the journey to making one’s own product, mainly looking at the business side of things. There are helpful Wikis along with introductions to concepts like SWOT analysis. Luqman updates the blog with new posts periodically. It started in 2020, so this is a good time to jump on board.
6. No Code No Problem (Podcasts): Listen to No-Coders
Is it really a trending topic if there isn’t a podcast dedicated to it? Ryan Myher hosts No Code No Problem, where he interviews makers from the no-code community and talks about new tools.
Like the No-Coders Club, there’s also a lot of focus on the business side of building a product without code. By listening to founders share their thoughts, you’ll gain valuable insights and avoid beginner’s mistakes.
Apart from NCNP, there are a few other podcasts getting in on the action, like the No Code Podcast. It’s only three episodes old so far, but it’s off to a good start. Do listen to the interviews of the developers of Obviously AI and MakerPad.
Coding Isn’t That Hard
Sure, the no-code movement makes it easier than ever to build any tech product you want. But let’s not say coding is the devil, and you can perhaps do more if you know the basics.
And you know what? Coding isn’t that hard. Plus, the logic you learn is useful in no-code apps too. So try it out, learn the basics of coding in bite-sized lessons.
Read the full article: 6 Awesome No-Code Resources to Build Apps and Websites Without Programming
A group of movie companies, operating under the parent company Millennium Funding, is pursuing legal action against key piracy players.
The case against MKVCage, filed last summer, had an immediate effect. Not long after the complaint was submitted to a Hawaii District Court, MKVCage became unreachable. At the same time, the uploader stopped pushing torrents to other sites as well.
Aside from a brief comeback, the site remains missing in action today. However, that doesn’t mean that the lawsuit is over too. A few days ago, the makers of the film Hellboy submitted an amended complaint against the alleged operator, a Pakistani man named Muhammad Faizan.
Hellboy Productions accuses Faizan of promoting and distributing pirated copies of its movie. The complaint also lists 35 John Doe defendants, who presumably downloaded the film.
While many of these allegations were already present in the original complaint, the new version does introduce a new name into the mix. According to Hellboy Productions, MKVCage is linked to a ‘notorious copyright thief.’
The movie company writes that Faizan began “operating the website mkvcage.nl” together with 1337 Services LLC, which is associated with Pirate Bay co-founder Peter Sunde.
“1337 was created and is controlled by Peter Sunde Kolmisoppi,” Hellboy writes, adding that “Peter Sunde Kolmisoppi is a notorious copyright thief who was sentenced to prison in Sweden for his creation of The Pirate Bay.”
This sounds rather ominous. However, the complaint fails to mention that 1337 Services LLC is the company behind Njalla, which is a service that allows people to privately register domain names. And indeed, a Whois lookup for MKVCage.nl shows 1337 Services as the registrant.
This pushes the joint operation claim into an entirely different light. Njalla has many customers, including the Catalonian government, but it doesn’t operate the sites which are tied to these domains.
Peter Sunde informs TorrentFreak that he’d never heard of MKVcage until now. He is also not aware of any abuse emails regarding the domain name.
“As far as I know we haven’t even received an abuse e-mail regarding MKVcage, but I guess that’s their strategy. If they send abuse e-mails they might get services suspended and thus not being able to sue people,” Sunde says.
The Pirate Bay co-founder stresses that 1337 Services LLC is owned by a foundation, which is information they would have gladly shared if asked. The company is operated by many people who may feel left out now, as they may also want to be labeled as copyright thieves.
“My co-workers may be upset that they don’t get any credit for 1337’s work now, so I’m so sorry. They also want to be notorious copyright thieves,” Sunde notes.
Neither Sunde nor 1337 Services are defendants in the case. They are little more than a passing mention, perhaps to make it appear as if there’s something more going on than there is.
In earlier court filings the movie company actually referred to 1337 Services as a privacy service, which wasn’t clarified in the most recent filing.
Finally, Sunde points out that he’s not really a copyright thief. While he may have duplicated a file or two, he never stole anyone’s copyright. This is something the US Copyright Office can confirm.
While Sunde is not in any trouble, in this case, Faizan is. Hellboy Productions accuses him of direct and contributory copyright infringement. The movie company claims to have suffered $270,902.58 in damages and would like to have that compensated.
A copy of the amended complaint Hellboy Productions filed against Muhammad Faizan is available here (pdf).