SQL injection

 https://id.wikipedia.org/wiki/Injeksi_SQL

https://owasp.org/www-community/attacks/SQL_Injection

Layup Mold Process

 

Scanning Vulnerable Website

Nikto

• nikto -h http://target.com -Tuning 1,2,3
• nikto -h target.com -p 80,443,8080
• nikto -h target.com -Plugins apache_expect_xss
• nikto -list-plugins
• nikto -h target.com -evasion 1
• nikto -h http://target.com -o report.txt

Gobuster




Burp Suite

Quote Today

 

Install Linux Tools in Windows CMD

 

go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest

go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest

git clone https://github.com/sullo/nikto

cd nikto/program

perl nikto.pl -Version

Frontend Free Website

•  https://www.reactbits.dev/
• https://freefrontend.com/

Alternatives (VERY GOOD)

1. UI Components & Snippets

• 🌐 uiverse
  👉 https://uiverse.io/

  • Community-driven UI elements

  • Buttons, loaders, inputs, etc.

• 🌐 HyperUI
  👉 https://www.hyperui.dev/

  • Free Tailwind components

  • Good for dashboards & landing pages

• 🌐 Flowbite
  👉 https://flowbite.com/

  • UI kit + components

  • Includes charts, modals, forms

---

2. Full Templates & UI Kits

• 🌐 Mamba UI
  👉 https://mambaui.com/

  • Ready-to-use sections & templates

• 🌐 Tail-Kit
  👉 https://tailkit.com/

  • 250+ free components

• 🌐 Wicked Blocks
  👉 https://wickedblocks.dev/

  • Marketing UI blocks

---

3. Practice & Real Projects

• 🌐 Frontend Mentor
  👉 https://www.frontendmentor.io/

  • Real-world UI challenges

  • Great for portfolio

• 🌐 GreatFrontEnd
  👉 https://www.greatfrontend.com/

  • Practice real frontend problems (some free)

---

⚡ Bonus (Hidden Gems)

• 🌐 FreeFrontend.org
  👉 https://freefrontend.org/

  • MIT licensed, production-ready snippets

  • No dependencies, easy copy-paste

---

Scopus API

- go to url:https://dev.elsevier.com/

- I want an API key
- API key example:1qjhu12e731ygasd733eh
- First way

curl "https://api.elsevier.com/content/search/scopus?query=AU-ID(57205201935)" ^

 -H "X-ELS-APIKey: 1qjhu12e731ygasd733eh" ^

 -H "Accept: application/json" | jq ".\"search-results\".entry[] | {title: .\"dc:title\", year: .\"prism:coverDate\", cited: .\"citedby-count\"}"

atau menggunakan python

import requests

import pandas as pd

url = "https://api.elsevier.com/content/search/scopus"

headers = {

    "X-ELS-APIKey": "1qjhu12e731ygasd733eh",

    "Accept": "application/json"

}

params = {

    "query": "AU-ID(57205201935)"

}

r = requests.get(url, headers=headers, params=params)

data = r.json()

rows = []

for e in data["search-results"]["entry"]:

    rows.append({

        "title": e.get("dc:title"),

        "year": e.get("prism:coverDate"),

        "cited": e.get("citedby-count"),

        "doi": e.get("prism:doi")

    })

df = pd.DataFrame(rows)

df.to_csv("scopus_data.csv", index=False)

print("✅ Data berhasil disimpan ke scopus_data.csv")

Video compress

 apt-get install -y ffmpeg

ffmpeg-static -i /var/www/html/mz/public/videos/producerai-hero.mp4 \ -vcodec libx264 -crf 32 -preset fast \ -movflags faststart \ -acodec aac -b:a 96k \ /var/www/html/mz/public/videos/hero-small.mp4

-############################################

# Tambah cache header untuk video di nginx config

cat > /etc/nginx/sites-available/mz << 'NGINX'

upstream avoer_app {

    server 127.0.0.1:3001;

    keepalive 64;

}

server {

    listen 80;

    listen [::]:80;

    server_name avoer.ft.unsri.ac.id;

    gzip on;

    gzip_vary on;

    gzip_proxied any;

    gzip_comp_level 6;

    gzip_types text/plain text/css application/json application/javascript text/xml application/xml image/svg+xml;

    # Static Next.js files

    location /_next/static/ {

        alias /var/www/html/mz/.next/static/;

        expires 1y;

        add_header Cache-Control "public, immutable";

        access_log off;

    }

    # VIDEO — cache lama di browser, support range request untuk streaming

    location /videos/ {

        alias /var/www/html/mz/public/videos/;

        expires 7d;

        add_header Cache-Control "public, max-age=604800";

        add_header Accept-Ranges bytes;

        access_log off;

    }

    # Public folder lainnya

    location /public/ {

        alias /var/www/html/mz/public/;

        expires 30d;

        add_header Cache-Control "public";

        access_log off;

    }

    location = /favicon.ico { access_log off; log_not_found off; }

    location = /robots.txt  { access_log off; log_not_found off; }

    # Next.js app

    location / {

        proxy_pass http://avoer_app;

        proxy_http_version 1.1;

        proxy_set_header Upgrade $http_upgrade;

        proxy_set_header Connection 'upgrade';

        proxy_set_header Host $host;

        proxy_set_header X-Real-IP $remote_addr;

        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        proxy_set_header X-Forwarded-Proto $scheme;

        proxy_cache_bypass $http_upgrade;

        proxy_read_timeout 60s;

    }

    client_max_body_size 50M;

}

NGINX

nginx -t && nginx -s reload

echo "Nginx reload OK"

# Test video accessible langsung dari nginx (bukan via Next.js)

curl -I http://mz.com/videos/producerai-hero.mp4 | head -10

Node.JS

 

cd /var/www/html/avoer && npm run build 2>&1 | tail -3 && pm2 restart avoer-labs

Laravel artisan optimize

php artisan optimize:clear && php artisan optimize && systemctl restart php8.5-fpm

[opcache]

opcache.enable=1

opcache.enable_cli=0

opcache.memory_consumption=256

opcache.interned_strings_buffer=16

opcache.max_accelerated_files=20000

opcache.validate_timestamps=0

opcache.save_comments=1

opcache.revalidate_freq=0

realpath_cache_size=4096k

realpath_cache_ttl=600

Surface Roughness