Categories
Programming Reading Material What I’m Up To

JavaScript books that you can read online for FREE

My actual setup at my old office (February 3, 2020), where I coded in JavaScript all day.

If…

  1. You’ve decided to learn JavaScript (or just need a refresher), and
  2. you’re short on cash due to the current economic situation

…you’re in luck! There are a couple of good books on JavaScript whose contents are available to read online, free of charge!

The first of these books is Eloquent JavaScript, Third Edition, written by Marijn Haverbeke and published by No Starch Press. It’s not just an introduction to JavaScript, but an introduction to programming in general. It’s beginner-friendly, which is one of the reasons why it’s the main book for the first part of the JavaScript/React course that I’m teaching.

You can Eloquent JavaScript, Third Edition online here.

The second book is JavaScript for Impatient Programmers, ECMAScript 2020 edition, written by Dr. Alex Rauschmeyer. Its coverage of JavaScript is more complete, but it’s a little less beginner-friendly, which is why it’s the backup book for my course. I’m going to incorporate some of its content into the course, and point students to the online edition if they’d like some additional reading material.

You can read JavaScript for Impatient Programmers, ECMAScript 2020 edition online here.

Categories
Current Events Programming Tampa Bay What I’m Up To

I’m teaching an online JavaScript/React programming course!

The folks at Computer Coach Training Center must like my work, because they have me teaching another course — a 12-week, 3-times-a-week, 4-hours-per-session Intro to JavaScript and React programming!

I taught the Intro to Python Coding course on Computer Coach’s behalf in July and August. That one took place twice a week over 6 weeks, with each session lasting 4 hours.

The Intro to JavaScript and React Programming course starts next Tuesday evening, and happens Tuesday and Thursday evenings and Saturday mornings for 12 weeks.

The first six weeks of the course will be dedicated to gaining a solid understanding of JavaScript programming. During that part of the course, the text will be Eloquent JavaScript, Third Edition, which remains one of the most-recommended books for beginners. I’ll use it as a basis, but also add some additional material and cover changes in the 2019 and 2020 versions of JavaScript.

The second six weeks of the course will be all about React.js — and nothing but React. Yes, people use React in combination with all sorts of other technologies, but in order to get a solid grounding in React, it’s helpful to start by working purely in React. Hence Pure React, May 2020 Edition (which includes the newly-introduced feature of hooks) is the text for this section of the course.

If you’ve ever been in any of my Tampa iOS Meetup sessions, you’ve seen my teaching technique — you’re not passively watching slides, but coding along with me, and even experimenting, just to see what happens. That’s I what I did with the Python class, and it’s what I’m going to do with the JavaScript/React class — enter code, see what happens, and gain experience along the way. It’s learning by doing.

If this course interests you, it starts next Tuesday, and you can sign up by contacting Computer Coach.

 

Categories
What I’m Up To

Interview number 2

Tap to see the article about the previous interview.

This time, it was on Zoom, so I had more than one reason to dress up.

I think it went pretty well.

Categories
Programming What I’m Up To

A more Pythonic approach to one of my “Capture the Flag” solutions

In my article about the Capture the Flag at The Undercroft in which I recently participated, I wrote about my solution to this particular challenge:

Your answer lies in the 1’s and 0’s…

0010111 00001111 00010111, 00011001 00001111 10101 00000001 00010010 00000101 00010010 00001001 00000111 00001000 00010100

(Make sure to use the comma, and spaces correctly)

The first part of my solution was turning those numbers into a list. Copy the numbers into a text editor, stick 0b in front of each one, and then turn the sequence into a Python list:

Paste the list into a Python REPL and then display its contents to see the numbers in decimal:

The next step is to convert those numbers into letters. Once again, the Unicode/ASCII value for “A” is 65, so the trick is to add 64 to each number and convert the resulting number into a character.

Here’s how I did that:

I could’ve gone super-functional and done it in one line:

Tap to find out more about lambda functions in Python.

Between lambda and map(), there’s a whole lot of functional programming concepts to solve a relatively simple problem.

I could write a whole article — and I probably should — based on just that single line of code, but in the meantime, I thought I’d post an easier, more Pythonic solution.

This simpler solution uses good ol’ list comprehensions:

Most programming languages don’t have list comprehensions. In those languages, if you want to perform some operation on every item in an array, you use a mapping function, typically named map(), but sometimes collect() or select().

Hence my original solution with lambda and map() — it’s force of habit from working in JavaScript, Kotlin, Ruby, and Swift, which don’t have Python’s nifty list comprehensions.

Categories
Tampa Bay What I’m Up To

My time at The Undercroft’s Capture the Flag

Photo credit: The Undercroft.

The final event of UC Baseline, The Undercroft’s cybersecurity training program, was the Capture the Flag competition, which took place last Friday morning.

In computing “Capture the Flag” events, the flag isn’t a physical one, but some kind of challenge. Sometimes, it’s something you need to retrieve from a program, website, or even a piece of hardware with an intentionally built-in vulnerability that you must exploit. Sometimes it’s a problem or puzzle you must solve. It may also be a trivia challenge.

Solving each challenge earns you a specified number of points, with the tougher challenges being worth more points. The player with the most points wins.

Since it wasn’t scheduled as a day of actual class — the last day of class was on Wednesday — I’d booked a doctor’s appointment for that morning. A plumbing problem also required me to be at home for a little bit.


By the bye, if you’re looking for a great plumber in Tampa, I highly recommend Joshua Tree Plumbing.


The challenges

Still, since most of the challenges were posted online and since I’d never participated in a CTF before, I decided to try anyway. I decided to treat my schedule as if it was a golfer’s handicap. Since some of the challenges were just questions where you’d either select an answer or type one in, I did them on my phone while waiting for the doctor.

In between a couple of car trips, I managed to eke out a little over an hour and a half of time in the CTF, so I think I placed rather well, all things considered:

Here’s a sampling of some of the challenges:

  • Who’s on 80? (300 points):
    Scan the host at (IP=10.10.1.1) and enumerate the service running on open port, 80.Use the following syntax for your answer: nmap [scan type] [ options] [target]
  • The Big Kahuna, part 1 (1200 points):
    Using the Linux OS and boot method of your choice (VM or live boot):Add the “Kali Linux Headless” Repository to your repository list. Download and install the Kali Tools Headless package to your Linux operating system. Get the Metasploit Framework running. Show one of the staff when you’re finished.
  • Don’t cross the streams! (500 points):
    An attacker got onto a machine and created a rogue user. Dig through the attached PCAP file and identify the rogue user.The flag is the user name. This flag IS case sensitive.
  • Execution is everything! (400 points):
    What are the four different execution policies for Powershell?

    • Restricted, Unrestricted, AllSigned, RemoteSigned
    • Unrestricted, Restricted, AllSigned, PartiallySigned
    • Restricted, Unrestricted, PartiallySigned, RemoteSigned
    • Unrestricted, Restricted, PartiallySigned, UnSigned
  • Pick these locks (a buttload of points):

A couple of Python solutions

I solved a couple of the challenges with Python, and I’m sharing them here (with the permission of the instructors, of course):

Are you sure? (200 points)

Your answer lies in the 1’s and 0’s…

0010111 00001111 00010111, 00011001 00001111 10101 00000001 00010010 00000101 00010010 00001001 00000111 00001000 00010100

(Make sure to use the comma, and spaces correctly)

My first instinct was to copy these numbers, into a text editor, stick 0b in front of each one, and then turn the sequence into a Python list:

I pasted the list into a Python REPL and then displayed its contents, to see the numbers in decimal:

All the numbers were between 1 and 26 inclusive, suggesting letters of the alphabet.

The ASCII/Unicode value for “A” is 65. If you offset the numbers by adding 64 to each, and then convert each number to a character, you should get the message:

Remembering the instructions to “use the comma, and spaces correctly,” the answer is:

WOW, YOU ARE RIGHT

The big kahuna part 2 (700 points)

Using the Linux OS and boot method of your choice (VM or live boot):

Create a folder. In that folder, create 100 directories that are uniquely named incrementally (ergo directory1, directory2, etc.). Inside each of those 100 directories, create 100 directories that are uniquely named incrementally. Inside each of those 100 directories, create 100 files named incrementally (file1, file2, file3, etc.). The contents of each file should include the lyrics to the “Battle Hymn of the Republic” by Julia Ward Howe.

When complete, show a staff member.

Cochise (artist’s conception).

This challenge is phrased in such a way that it could only have been written by our Linux instructor Cochise (pictured to the right).

Creating those 100 directories in Linux is a one-liner:

The rest of the task calls for some scripting.

I’m terrible at shell scripting. I’m perfectly comfortable with using the shell interactively, in that classic enter-a-line/get-a-response fashion. However, once I have to deal with those half-baked control structures, I tend to walk away and say “Forget this — I’m doing it in Python.”

Here’s a cleaned-up, easier to read version of my solution to the challenge. It assumes that there’s a file called battle.txt in the same directory, and that the file contains the lyrics to the Battle Hymn of the Republic:


I had a lot of fun on my first CTF, even if I got to take part in a fraction of it. I’ll have to join The Undercroft’s next one!

Categories
What I’m Up To

My phone interview

Tap to view at full size.

All dressed up for a 📱 PHONE ☎️ interview. Sure, they won’t know I’m dressed up, but I’LL KNOW.

[See the original Tweet.]

Categories
Career Tampa Bay What I’m Up To

I’m at The Undercroft’s “Get a Job” career fair!

The class portion of UC Baseline — the cybersecurity training program offered by The Undercroft, Tampa Bay’s security guild — ended yesterday with the final day of Python 101, which marks the end of classes. Every weekday for the past five weeks, 8:00 a.m. to 4:00 p.m., I’ve been in a classroom (masked and socially distanced, of course), studying and furiously taking notes in the following classes:

Course Instructor
Hardware 101
(5 days)
Tremere
Networking 101
(5 days)
TreyCraf7
Linux 101
(3 days)
Cochise
Windows 101
(2 days)
Turtle
Infosec 101
(5 days)
KobyBeefcake
TheCleverShark
Python 101
(3 days)
KobyBeefcake

There are still two more days in the program. Today is the “Get a Job” career fair. The Undercroft have gathered a series of recruiters, security companies, and agencies to talk to us, including:

The presentations are quite good — I’m pretty impressed by the representatives I’ve seen so far.

I’m also dressed and masked for the occasion: