Hey HackerNoon, Kuwguap apha. Ndingathanda njani? Ngaba iingcebiso kwiintsuku ezimbini. Ndiya, iingcebiso zeeyunivesithi. Yintoni ndingathanda malunga 24/7? RAWPA(I-Penetration Testing Assistant). Iprojekthi yami ye-passion iye iye iye iye iye iye iye iye iye iye iye iye iye. Ngoko ke, xa ndingathanda ukufumana iingcebiso zofundiso, ndingathanda ukuba ndingathanda wena kwi-driving yokuzonwabisa kwiiveki ezidlulileyo ezidlulileyo. Phambi ndingathanda kwi-bugs kunye ne-function entsha, ndingathanda ukuba - ndingathanda ngokwenene ndingathanda iingcebiso yokuqala kwinkalo ye-tech ye-debugging. Kwimeko yokufumana iingxaki kuphela; kwimeko yokufunda iingxaki, ukufumana kunye nokuphumelela. I-superpower. I-cool ye-create something new, kodwa ukufumana ukuba ukuguqulwa into ebomvu - ukuba i-code yakho okanye i-target system - nto leyo i-magic efanelekileyo. Nangona kunjalo, nathi siphinde kwimiphumo kunye ne-madness. I-My First Mistake: I-Responsive Yintoni? UI Nqakraza kunye ne-rookie mistake eyenziwe kwakhona. Ngaba awukwazi ukuvelisa i-UI / i-UX yokuqala ngaphambi kweeprojekthi. Ndiyathanda iividiyo ezimbini ze-YouTube, i-Whimsical (i-tool eyenziwa ngokuba yi-wireframing), kwaye ndiqala nje ... ukuvelisa. Akukho umgangatho we-device. Akukho ubungakanani we-screen elifanelekileyo. I-rectangles kuphela kwi-screen. I-PC ye-development yam ndingathanda kakuhle, ngoko ndingathanda, "I-Ship it!" Emva kwemizuzu embalwa, i-tester ebonakalisa ngokufanelekileyo ukuba i-visuage ye-mobile yabaqhathaniswa ngokupheleleyo. Ndidlulanga iintsuku ezimbini ezininzi ukuxolisa le ngempumelelo kunye nokwenza i-app efanelekileyo kakhulu. I-Lesson yaziwa: uyifunda zonke i-screens ukususela ngosuku lokuqala. I-Bug Eyenza I-RAWPA Down Kwaye ngaphandle ... malunga namhlanje, ndingathanda iimpawu kwi-RAWPA ezikhoyo. Ama-methodologies abaqhutywa, kwaye iinkcukacha ezininzi ziyafumaneka. Umxokozelo omnqweno we-console wabelane umzekelo: FirebaseError: [code=resource-exhausted]: Quota exceeded. Ndingathanda ngosuku eyodwa. Yinto zonke iinkcukacha ezamahala kwi-Firebase. Nge-33 abasebenzisi kuphela, le yaba ingxaki. Ndingathanda. Ndingathanda ngosuku yokuba iinkcukacha ziye zithintela, okanye ingathanda i-hat ye-detective kunye ne-debug. 16,000 reads and 20,000 writes The culprit? A series of logical bugs ezidala ukususela ngexesha lokugqibela yokubhalisa. I had created a function that continuously checked Firestore for updates, in case I used my admin panel to disable a methodology. It was a dumb, brute-force way to solve a problem, and it was hammering the database. The Infinite Loop: The new feature I was building needed to save its state. Instead of using for frequent, small updates, I was writing to Firestore on every single change. Why? Because I was sleepy and not thinking straight. Sleepy-Dev Syndrome: localStorage Ngaphezu kwalokho, le app yenza zonke iinkonzo zeFirestore kwi-startup, yenza inqwelo elidluleleyo ixesha lokugqibela - nganye ukuya kwiiyure ze-10. Ndingathanda ukuba le ngxaki ilawula nge-Cache efana ne-Redis, kodwa ndingathanda. Yeyiphi na ingxaki engaphezu kwe-complexity kunye nokukhuthaza izinto kwi-Vercel, ebonakalayo i-API ye-12 kwi-free plan. Ndingathanda njani? Ndingathanda nangona kunjalo. Ndingathanda Ngamanye amaxesha, ndibandakanya iingxaki ze-environment, yenza iingxaki eziliqela, kwaye i-boom-i-speed iyasetyenziswa kakhulu. Ngamanye amaxesha, ndingathanda ukuba ndiza kuqala ne-Next.js, kodwa emva kokuphumelela kwexesha le-migration, ndiyabandakanya kunye ne-React + Vite i-setup kunye nokwenza ukusebenza. Upstash Redis I-New Feature, Born From A Real Pentest Ngoko ke, yintoni i-characteristic entsha ngathi ndiza zibonisa yonke into? Iqala ngexesha ngexabiso kwi-target ye-HackerOne. Ndingasebenzisa i-AAweRT yam, ukuba i-recon kwaye ndingathanda ukuba inqubo yam yobungcali iye yandiswa ngokupheleleyo ukususela ekwenzeni i-RAWPA. Ndingathanda i-subdomains ze-79. Ngaphandle kokusebenzisa isixhobo se-automated efana ne-Eyewitness, ndingathanda ngexabiso ngexabiso (ngazi, ndingathanda ingxaki). Ndicinga i-endpoints eziqhelekileyo kunye neengxaki ze-potencial, kodwa ayikho indlela efanelekileyo yokufunda kubo ngaphandle kokuphumelela kwi-think yokuqala. Ukubonisa i . Hunter's Board Kuyinto ibhodi Kanban-style eyenziwe ngqo kwi-RAWPA, yenzelwe ngokufanelekileyo. Uyakwazi ukuvelisa amakhadi ngenxa yintoni na: iidolobha, iindlela, iziphumo, iingcebiso, iingcebiso ze-code, izixhobo, uyazi. Xa ndicinga le 79 subdomains, ndandisa le board. Ndingathanda i-parameter yokufunda engaphilisiweyo kwi-endpoint enye - i-bypass ye- UTF-8 filter - kwaye ngokuzenzakalelayo i-card yayo, ukongezelela i-link kunye neengxelo zayo. Inyanini... i-clicked. The Hunter's Board is now live on the site! Ungathola ngoku. Njengomva wokugqibela ngokukhawuleza, i-I've temporarily removed iimveliso iimveliso. Ngaba kufuneka i-optimize kunye nokuguqula iinkcukacha ze-backend ngaphambi kokufanelekileyo kwimeko yokuqala, kwaye ndingathanda ukuba umxholo wokusetyenziswa ngempumelelo. RAWPA AI Pentest Orchestrator Ndingathanda ukuba ndingathanda izifundo kwiintsuku ezimbini? Ugh. Ndingathanda ukulayisha iinkcukacha ezininzi ngaphambi kokufumana ukufundisa. Kwixesha elilandelayo, khumbula ukuba i-RAWPA yiprojekthi ye-community. Ukuba unayo iingcamango, i-feedback, okanye ufuna ukuncedisa, usebenzisa i-Function "Contribute" kwi sayithi okanye uqhagamshelane nathi kwi . Qhagamshelana nenkqubo at . Ukucinga https://rawpa.vercel.app/ Umzimba uqala nje.
