Hey HackerNoon, Kuwguap lapha. Ngingathanda yini? Ngingathanda izinsuku ezimbini. Ewe, izifundo zayo zayo zezifundo. Futhi yini ngithanda mayelana 24/7? RAWPA(I-Penetration Testing Assistant). Iprojekthi yami yokuzonwabisa ngempumelelo ngempumelelo emzimbeni yami, futhi ngingathanda ngamanye indlela. Ngakho-ke, uma kufanele ukhumbule ama-notes ye-leksi, ngithanda ukuthi ngithumela ukuhlaziywa kwe-course emangalisayo eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni eminyakeni. It is not just about finding errors; it is about problem analysis, understanding, and solving. It is a superpower. It is cool to create something new, but being able to fix what’s broken – whether it’s your own code or a target system – is where the real magic happens. Ngiyazi, thina siphindeza emangalisayo kanye nokumangalisayo. I-My First Mistake: I- "I-Responsive Yini?" I-UI Ngiye kuqala ne-rookie isithombe esuka ekubeni. Ngikwazi ukwenza isakhiwo se-UI / UX enhle ngaphambi kweprojekthi. Ngithanda amavidiyo amabili e-YouTube, i-inspirated ngu-look clean ye-Whimsical (i-tool eyenziwe ku-wireframing), futhi iqala kuphela ... ukucindezelwa. Ngaphandle kokusebenza kwamakhemikhali. Akukho ububanzi be-screen ezithile. I-rectangles kuphela ku-screen. I-PC yayo yokuthuthukiswa yaziwa kahle, ngakho-ke ngithanda, "I-Ship it!" Eminyakeni embalwa, umbhali wabheka ngokufanele ukuthi ukubukeka kwe-mobile iyahlekile ngokuphelele. Ngithole izinsuku ezimbini ephelele ukuchithwa okuhlobisa futhi ukwenza isicelo ngokufanele ngokufanele. Isitimela sifundile: ucwaninga zonke izikrini ukusuka kwelinye imini. I-Bug That Shut RAWPA Down Ngaphandle kwalokho ... cishe izinsuku ezimbili ezedlule, ngihambe izici ku-RAWPA zihlanganisa. Izindlela ziye zihlanganisa, futhi ezinye idatha zihlanganisa. A ukubukeka okusheshayo ku-console yami wabhala umlando: FirebaseError: [code=resource-exhausted]: Quota exceeded. Ngiyazi ngosuku eyodwa. Kuyinto zonke i-quota mahhala ku-Firebase. Nge-33 abasebenzisi kuphela, lokhu kuyimfuneko. Ngingathanda. Ngingathanda ngosuku eyodwa ukuze i-quota ifake, noma ngingathanda i-detective hat kanye ne-debug. 16,000 reads and 20,000 writes The culprit? A series of logical bugs ezidlulele ukususwa kwe-coding sesitimela. I had created a function that continuously checked Firestore for updates, in case I used my admin panel to disable a methodology. It was a dumb, brute-force way to solve a problem, and it was hammering the database. The Infinite Loop: The new feature I was building needed to save its state. Instead of using for frequent, small updates, I was writing to Firestore on every single change. Why? Because I was sleepy and not thinking straight. Sleepy-Dev Syndrome: localStorage Ngaphezu kwalokho, i-app yenza zonke izici ze-Firestore ku-startup, okwenza inqwaba elidlulele izinsuku ezingenalutho zokusebenza-ezinye izikhathi kuze ku-10 amaminithi. Ngithanda ukuthi isixazululo iyatholakala ngokuvamile nge-Cache efana ne-Redis, kodwa ngihambe. Kubalulekile ukuxubana okuningi futhi ukuxubana izinto ku-Vercel, okuyinto i-API engaphansi kwe-12 ku-free plan. Ngingathanda kanjani? Ngithole. Ngithole Ngamanye amaxesha, Ngithole ama-variables emkhakheni, Ngithole amayuningi, futhi i-boom – isivinini isixazululwa ngokushesha. Ngamanye amaxesha, Ngingathanda ukuba ngifanele ne-Next.js, kodwa emva kokuphumula kokuphumula, Ngithole nge-React + Vite yokufaka futhi kusebenza. Upstash Redis I-New Feature, Born From A Real Pentest Ngiyazi, lokhu umsebenzi oluthile owawuthengile owawuthengisa ukuthi wayenza wonke umkhakha? It yasungulwa lapho ngitholela ku-target kusuka ku-HackerOne. Ngitholela isixhobo yami esinye, i-AAweRT, ukuze i-recon futhi ngitholele ukuthi inqubo yami yokuzalwa ngokugcwele kusukela kokufaka i-RAWPA. Ngitholela 79 subdomains ukuhlola. Ngaphandle kokusebenzisa isixhobo se-automated efana ne-Eyewitness, ngitholela ngezifiso (ngazi, ngitholela ingxaki). Ngithole amaphuzu emangalisayo kanye nezimo ezingenalutho, kodwa ayikho indlela efanelekayo ukuyifaka kwabo ngaphandle kokubuyekeza isitimela yami esisodwa. Ukusungula . Hunter's Board Kuyinto i-Kanban-style board eyenziwe ngqo ku-RAWPA, eyenzelwe ngokufanele umqondo we-pentester. Ungayifaka amakhadi kuzo zonke izinto: amazwe, imidwebo, iziphumo, izivakashi, izinhlamvu zekhodi, izixhobo, sicela ushiye. Njengoba ngibuyekeza ama-79 ama-subdomains, ngithuthukisa le ibhodi. Ngithola i-parameter yokufakelwa e-endpoint eyodwa - i-bypass ye- UTF-8 main filter - futhi ngokushesha iye yenza ikhadi, ukongeza ikhonkco nama-notes yami. Kuyinto nje ... i-clicked. The Hunter's Board is now live on the site! Ungathola ngoku. Ngenxa yokushicilela okusheshayo, ngithunyelwe ngempumelelo Waze I need to optimize them and fix some backend issues before they're ready for prime time, futhi ngithanda umlinganiselo abasebenzisi ukuba kuyinto ephelele. RAWPA AI Pentest Orchestrator Ngithi ukuthi ngaba izivivinyo eminyakeni amabili? Ugh. Ngizokuthumela ezinye izivivinyo ngaphambi kokufika emhlane yokufunda. Ngemuva kwalokho, sicela ushiye ukuthi i-RAWPA kuyinto inqubo yobumfihlo. Uma unemibuzo, imibuzo, noma ufuna ukunikezela, usebenzisa umsebenzi "Contribute" ku-site noma uxhumane nathi . Check out Project at . ikhaya https://rawpa.vercel.app/ Umzimba uqala kuphela.
