https://shivamdixit.com/ Recent content on Shivam Dixit Hugo -- gohugo.io en Wed, 19 Aug 2020 14:55:25 +0200 https://shivamdixit.com/personal/work-tools-in-personal-life/ Wed, 19 Aug 2020 14:55:25 +0200 https://shivamdixit.com/personal/work-tools-in-personal-life/ When I joined a mega-corporation for the first time, I realized that a lot of thought has been put into organizing things. There are several frameworks, for example, OKRs, KPIs, etc., to help manage the complexity. These tools are common knowledge in the industry now. Over time, I realized that they can also be beneficial in personal life and help in improving focus and productivity. In this post I share how I have been using some of these tools. https://shivamdixit.com/management/opinions/ Sun, 17 May 2020 00:00:00 +0000 https://shivamdixit.com/management/opinions/ We all have opinions on different topics, from the best pizza place in town to the political party to vote for in the next election. More often than not these opinions are innocuous and don’t impact anything critical. However, there are times when opinions can have an impact on other individuals, projects, or an organization. In such cases, a certain level of rigor is expected from an individual before they form an opinion. https://shivamdixit.com/kayako/incident-response/ Thu, 23 Mar 2017 00:00:00 +0000 https://shivamdixit.com/kayako/incident-response/ We at Kayako strive for the number of 9’s in our uptime metric. We want to ensure minimum service disruption for our customers, and therefore we need to work hard on the following two aspects: Identifying that an incident has occurred Minimizing the impact of the incident Identifying an incident Our goal is to identify an incident before our customer. It not only helps us in proactively informing our customers on the ongoing issues but also helps us to prepare our Support team better for the incoming queries. https://shivamdixit.com/linux/slowhttp-the-insidious-killer/ Tue, 07 Feb 2017 00:00:00 +0000 https://shivamdixit.com/linux/slowhttp-the-insidious-killer/ Slow HTTP are application layer Denial Of Service (DoS) attacks and have a potential to knock down a server with limited resources. Because of the nature of the attack (slow speed and low volume), they are hard to detect and can cause equal damage as a high volume DDoS. In this post, I’ll share my experience with these attacks. Introduction As explained in the WiKi [1], Slow HTTP attacks rely on the fact that the HTTP protocol, by design, requires requests to be completely received by the server before they are processed. https://shivamdixit.com/linux/how-ls-caused-production-downtime/ Sat, 03 Sep 2016 00:00:00 +0000 https://shivamdixit.com/linux/how-ls-caused-production-downtime/ ls is one of the innocuous commands that sysadmins probably use hundreds of times a day. But yesterday, we faced downtime on production because of the output of this command. Here’s the full story… One of our production app server was behaving funny yesterday, because of which an Ops Engineer was doing routine checks on the server. He ran the beloved ll command (which is aliased to ls -lah). The output of the command was something like: https://shivamdixit.com/security/null-humla-writeup/ Mon, 02 May 2016 00:00:00 +0000 https://shivamdixit.com/security/null-humla-writeup/ Last week I got a chance to attend my first Null HUMLA workshop. People who are not familiar with Null, it is a community of security enthusiasts who are willing to share knowledge and trying to make the world a more secure place. In this post, I’ll share my experience with the workshop. Introduction Null community organizes three different kinds of events: Humla (for offensive security) Bachaav (for defensive security) Pulia (for bridging the gap between two) The workshop was organized at Sapient, Gurgaon, which is located in the heart of the city. https://shivamdixit.com/kayako/internship-at-kayako/ Wed, 02 Mar 2016 00:00:00 +0000 https://shivamdixit.com/kayako/internship-at-kayako/ This post was originally posted on Medium as a part of life at Kayako series. This summer I got the opportunity to do an internship as a Product Engineer at Kayako. I was fresh out of college and looking for a chance to apply the knowledge that I learned at college. I accepted the offer straight away. The internship was the perfect platform to kick start my professional career. It not only honed my technical skills, but also helped me to the understand the various aspects of how an organization like this works. https://shivamdixit.com/ctf/hackim-writeup/ Sun, 31 Jan 2016 00:00:00 +0000 https://shivamdixit.com/ctf/hackim-writeup/ The HackIM 2016 edition has just concluded. Programming questions were pretty straight forward and didn’t require much programming skills. Let’s have a look at them: Programming 1 So you reached Delhi and now the noise in your head is not allowing you to think rationally. The Nosise in your head has origin its Origin in your Stomach. And this is a big hunger. You can finish one or probably 2 Tandoori Chicken. https://shivamdixit.com/personal/how-did-it-get-so-late-so-soon/ Thu, 31 Dec 2015 00:00:00 +0000 https://shivamdixit.com/personal/how-did-it-get-so-late-so-soon/ Another year is about to end and yet it seems it has just started. At the start of 2015, I had ambitious plans for the year. A lot of things to do, a plethora of resolutions, and a heart brimming with optimism. The year is about to conclude and I’m afraid that I’m far from my plans. I had fallen in the trap of planning fallacy. Daniel Kahneman describes planning fallacy as follows: https://shivamdixit.com/application/zinger-vocabulary-builder/ Thu, 05 Feb 2015 00:00:00 +0000 https://shivamdixit.com/application/zinger-vocabulary-builder/ Almost all of us face the problem of forgetting new words which we learn. Moreover, it is difficult to compile a list of all new words to later reference. Even if we maintain such list, we almost never open it because of lack of time or motivation. To solve this problem, We have developed a chrome extension - Zinger which helps you to learn new words with minimum efforts. For learning new words you don’t have to devote explicit time, you can learn them while you are browsing the web. https://shivamdixit.com/gsoc/cracking-google-summer-of-code/ Fri, 29 Aug 2014 00:00:00 +0000 https://shivamdixit.com/gsoc/cracking-google-summer-of-code/ Google Summer of Code is a program sponsored by Google to introduce students to open source programming. Students work on the projects mentored by different open source organizations. It is an incredible opportunity to learn the various tools and practices used in real world softwares. I was GSOC 2014 student under Open Web Application Security Project in my sophomore year. In this post I will shed some lights on how to start preparing for GSOC. https://shivamdixit.com/security/storing-delicious-passwords/ Wed, 27 Aug 2014 00:00:00 +0000 https://shivamdixit.com/security/storing-delicious-passwords/ Most of the web applications require their users to authenticate themselves by asking them username and password. They compare the user supplied credentials with the data stored in their database and if the credentials match, the user is granted access. Sounds good! But what will happen if the database in which the website is storing your passwords gets compromised? This article covers various techniques of storing passwords in the database. https://shivamdixit.com/gsoc/gsoc-14-webgoatphp-proposal/ Sun, 11 May 2014 00:00:00 +0000 https://shivamdixit.com/gsoc/gsoc-14-webgoatphp-proposal/ Abstract WebGoat is one of the most popular open source web applications developed by OWASP. It is a deliberately insecure web application developed using Java to provide a security awareness environment. It offers a set of challenges based on various vulnerabilities listed in OWASP. Since PHP is extremely popular in web applications and has many of the security flaws which Java doesn’t, my work is to develop a deliberately insecure PHP web application. https://shivamdixit.com/linux/what-happens-when-you-power-on-your-computer/ Fri, 07 Feb 2014 00:00:00 +0000 https://shivamdixit.com/linux/what-happens-when-you-power-on-your-computer/ Ever wondered what all goes inside your computer when you switch on the power button? How is an Operating System loaded ? How you are presented with an user friendly GUI screen? Through this post I will peek into the booting process of UNIX like Operating Systems and try to answer some of the questions. Some of the things discussed in this post are also valid for Windows operating system. https://shivamdixit.com/linux/using-custom-404-page-in-apache/ Wed, 29 Jan 2014 00:00:00 +0000 https://shivamdixit.com/linux/using-custom-404-page-in-apache/ What is 404 error? When you fire up your web-browser and type in, say google.com/foo, your web-browser makes a request to the server for page “foo”. In return, server returns a response with a special status code indicating the status of the request. If the page foo is not found on the server, 404 status code is sent in the respone. Some other common status codes are: 200 : OK 301 : Moved Permanently 400 : Bad Request 401 : Unauthorized 403 : Forbidden 404 : Not Found 500 : Internal Server Error What is .