I develop web applications, which use a number of third party applications/code/services.
As part of the job, we regularly check with the Full Disclosure mailing list http://seclists.org/fulldisclosure/ for any of the products we use.
This is a slow process to do manually and subscribing to the list would cost even more time, as most reports do not concern us.
Since I can't be the only one trying to keep up with any possible problems in the code I use, others have surely encountered (and hopefully solved) this problem before.
What is the best way to monitor the Full Disclosure mailing list for specific products only?
Two generic ways to do the same thing... I'm not aware of any specific open solutions to do this, but it'd be rather trivial to do.
You could write a daily or weekly cron/jenkins job to scrape the previous time period's email from the archive looking for your keyworkds/combinations. Sending a batch digest with what it finds, if anything.
But personally, I'd Setup a specific email account to subscribe to the various security lists you're interested in. Add a simple automated script to parse the new emails for various keywords or combinations of keywords, when it finds a match forward that email on to you/your team. Just be sure to keep the keywords list updated with new products you're using.
You could even do this with a gmail account and custom rules, which is what I currently do, but I have setup an internal inbox in the past with a simple python script to forward emails that were of interest.
Related
This is a general technical question, rather than a code-oriented question. I work in an organisation where scheduling/timetabling is complex and confusing. It is an environment based on Office365. Those colleagues who are in charge of creating timetables tend to use Excel. This makes sense as timetables are created collaboratively, and people can write comments next to proposed meeting slots. The issue is that there appears to be no seamless way to convert a spreadsheet into a calendar. Someone has to manually create calendar events for every single meeting. Quite often, an Excel spreadsheet is sent around the institution, and individuals must manually add these to their personal calendars. This consumes a lot of time (when added up across the institution) and lacks any flexibility in the sense that events cannot be automatically rescheduled. There do seem to be technologies out there which allow easy conversion of spreadsheets to calendars, e.g. Notion / Smartsheets, but I doubt that my organisation would invest in these. Google has an apps scripting language which looks cool, but I do not see any equivalent for Microsoft. The best thing I can think of would be to create a "Shiny App" which allows you to upload a spreadsheet, and download .ics file(s). I do have the ability to write such a script, but it would take some time. I was wondering if anyone knew of a simple technological solution to this issue which does not involve investing in new platforms.
For fun and maybe for profit, i want to implement the following:
scheduled or manually triggered process that logs into all my bank accounts
process knows bank site structure, and goes through "cashback/partner deals" pages
all deal information is collected in one place and in one format
when i'm going to buy something, i can quickly see if any of my cards has a special offer for that place. so that i can pay with the card that offers the best deal. ideally, this should happen on my android phone. that doesn't imply a standalone app though, e.g. you can search inside an email or googledoc or anything.
any ideas on implementation? don't limit yourself. suggest crazy things, as long as they work.
PS i did look for an existing website that offers something similar, but they all seem to focus on cards themselves rather than on specific deals for stores.
Depending on the bank website, your code may need to be able to execute JavaScript to interact with it. Take a look at CasperJS for the web scraping part.
I want to create a "feature" for Gmail which keeps track of emails which did not get a reply. It shall check all sent emails for replies on a daily basis and list the ones which did not get a reply in a special folder/ add a tag so I can easily check them.
I have found a script out there already but it's not easy enough to add in a self serving way to unexperienced users' accounts (you have to download it and "install" it). Additionally it crashes frequently-it seems the amount of emails it may check is limited by Gmail.
I am not planning to develop it myself but am curious on you opinion of what's the best way to develop it (e.g. programming language) so I can look for the right type of developer.
Best,
Mar
It is possible to do what you describe using Google Apps Script.
Essentially, you can write a script that activates on a time-based trigger, checks your inbox using GmailApp, and locates messages and adds new labels.
Note that you would have to ensure that you don't exceed the quota limitations; there are quotas for the number of possible Gmail actions taken and maximum script execution time. If you run into problems with these quotas, try breaking the problem into smaller pieces by processing smaller batches of mails with each execution.
Alternatively, you can write an application that manipulates your inbox using the Gmail API and one of the client libraries.
Like a lot of businesses my employer is dealing with the new world of PCI compliance by avoiding the hard stuff and redirecting our customers to a third-party payment service. The process will entail the customer entering order details into our system but then being redirected to the merchant bank's payment service for the entry of those all important card details.
We wish to retain the services of some business that periodically fills in stages 1 and 2 of our order form with some dummy data, presses place order and sees that the URL it ends up at is in fact the one we're expecting, a bit like a bot or a web spider.
If it finds we've been clickjacked it would alert us by text message or twitter feed or whatever the cool kids are using these days.
Does anyone know of a service that performs this function?
No, I don't believe that there is a service like this. Usually companies with specific testing needs like this will use QuickTest Pro.
I'm still in the process of going through some suggestions and hammering out what exactly we're going to do but almost all the info I've gained has come from:
http://www.softwareqatest.com/index.html
A devastatingly useful site which provides more than answers to this functional testing scenario. There are a couple of Web-Based services which execute QA Functional Testing scripts against your site and send alerts and reports if the tests fail.
The two I had a quick look at were http://www.dotcom-monitor.com/ and http://www.watchmouse.com/en/
The latter service uses Badboy scripts in its tests so you can home brew them and then upload to their server for regular execution.
I have a departmental maintenance that needs to be done roughly every 3 months. The maintenance itself can't be automated (it involves physically swapping a primary and spare piece of networking hardware to verify the spare is still working correctly).
I could put this as a recurring event in Outlook and give it a two week reminder window, but I don't want it to be tied to an individual's account (if I or one of my coworkers leaves the company, I still want the reminder to go to the department).
We're working on implementing Sharepoint and my group has a maintenance calendar, which seems like a lovely place to put this. However, there don't seem to be dated notifications for the events. You can set up notifications if the event changes, and you can subscribe to the calendar and set up a notification via Outlook, but that notification is still a per-user notification.
At this point I'm probably just going to write a cronjob on a linux server that emails a reminder, but I thought I'd ask if there's a way to do it using all these expensive collab tools we're putting in place.
So, any idea how to get notifications of a dated event that is not tied to individual users? I also welcome being told that my entire take on the problem is false as long as it involves some good alternatives. Thanks!
Expanding on Andy's answer (http://www.andrewconnell.com/blog/articles/CreatingCustomSharePointTimerJobs.aspx) if you just put code to send an email in the Execute method of the timer job this doesn't give you anything more than cron.
What you could do is to write code to iterate through the Calendar (actually an Event List) finding any events due soon and sending email to whomever is in the Assigned To field. This could then be called from the Timer Jobs Execute method or using a normal scheduled task. This will be easier to administer changes than cron and could be used for other types of tasks.
A link to get you started - Iterate through Items in a List
Another option would be to use Workflow to send out emails from the calendar
EDIT - Since SharePoint SP2 this no longer works as is as workflows can no longer start themselves (loop) - explanation and workaround
This CodeProject article shows how to develop a feature to send scheduled reminders
Yet another option would be to use one of the 3rd party tools that do this (disclaimer - I work for the first company)
Pentalogic - SharePoint Reminder
Bamboo - Alert Plus
BoostSolutions - Alert Reminder Boost
Finally - whichever method you choose (custom code/workflow/3rd party) you will likely run into trouble with recurring events as SharePoint doesn't provide a way to get an 'expanded' list of all occurrences.
The best way to do this would be using a Timer Job - see Andrew Connell's blog here: http://www.andrewconnell.com/blog/articles/CreatingCustomSharePointTimerJobs.aspx