node-unzipper
node.js cross-platform unzip using streams (by ZJONSSON)
s3-bucket-name-ge
By automaticit-anthonyyen1
SurveyJS - Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App
With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
surveyjs.io
featured
node-unzipper | s3-bucket-name-ge | |
---|---|---|
2 | 1 | |
421 | - | |
- | - | |
7.0 | - | |
10 days ago | - | |
JavaScript | ||
GNU General Public License v3.0 or later | - |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
node-unzipper
Posts with mentions or reviews of node-unzipper.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2024-04-29.
-
The AWS S3 Denial of Wallet Amplification Attack
https://github.com/ZJONSSON/node-unzipper/issues/308
-
An empty, private AWS S3 bucket can cost you 1000s of $
Today I was hit by a surprise 500$ bill by using byte range request within zip files without an upper bound, but not consuming the whole stream. I tested for about 45 min at about 1gbps. My ISP meter says I downloaded 300gb which lines up with physics, but AWS says it was 6000gb.
My first thought is that can be abused to multiply the damage if you want to engage in some cost based denial of service.
About every other week AWS gets out of their way to make us remember that they are the worst cloud around.
For reference https://github.com/ZJONSSON/node-unzipper/issues/308
s3-bucket-name-ge
Posts with mentions or reviews of s3-bucket-name-ge.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2024-04-29.
-
An empty, private AWS S3 bucket can cost you 1000s of $
Well this was an unwelcome attack vector, since I wrangle a fair few S3 buckets. I hastily threw together a S3 bucket name generator in Bash under Linux [1] to create names that follow the AWS rules to start my migration to my new S3 bucket names, and welcome any help to ensure it creates names that are strongly resistant to this attack, and follow various S3-like vendor rules.
[1] https://github.com/automaticit-anthonyyen1/s3-bucket-name-ge...