DOCSLIB.ORG

Your Guide to Integrating with Microsoft Exchange

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Your Guide to Integrating with Microsoft Exchange 2019 Your Guide to Integrating With Microsoft Exchange EAS, EWS, and Graph About Nylas Nylas is a developer platform that powers applications with email, calendar, and contacts integrations through a REST API. The Nylas API handles more than 100 million API requests per day and has synced more than 15 billion emails. 24,000 developers are signed up to use the API. We’re excited to share some of our learnings here. Overview While Exchange is billed as “email for enterprise”, it does, in fact, drive most business motions: internal and external email communications, calendar invites for meetings and interviews, and contacts databases. It makes sense then that many software applications are building two-way sync between their apps and user’s Exchange accounts. In Exchange’s 20+ year history, Microsoft has created numerous APIs — but with each new API comes a surge in ongoing maintenance and support as developers are forced to rip out the old protocols and implement the new ones. In this guide, we’ll dive into the three most commonly used protocols for integrating with Exchange: 1 EAS (ActiveSync) 2 EWS (Web Services) 3 Microsoft Graph 4 A better way to integrate with Exchange 2 EAS/ActiveSync EWS/Web Services Microsoft Graph How it’s used Mobile API for MS Exchange API for Office 365 synchronization intended for desktop/ protocol for mail, server applications calendar, contacts, & tasks Released 2002 2007 2015 SDK Support Precursors MAPI MAPI, WebDAV, EWS and other ActiveSync individual Office APIs On-prem Experimental support support for hybrid deployments Message format Binary-encoded XML XML SOAP JSON REST over HTTP Data Mail/calendar/ All of the Above All of the above contacts/tasks/notes + metadata and configuration (e.g. Inbox Rules). Deeper data fields (e.g. IsTeamTask) Additional Push notifications, Rich search, access Missing some functionality simple string to public folders & functionality and searching, and device drafts, impersonation, features are in flux management many “advanced” due to the product’s services like free/ nascent nature busy, working hours 3 EAS (ActiveSync) EAS, literally “Exchange ActiveSync Services”, was introduced in Exchange 2003 to specifically sync Exchange with mobile clients (high-latency, low- bandwidth connections). It was very innovative at the time and introduced a lightweight, idempotent procedure for data synchronization. ActiveSync is broadly deployed and supported natively by iOS and Android. In practice, it remains the lowest common denominator for integrating applications with different versions of Exchange. Unfortunately, being a licensed technology, there is no public SDK for ActiveSync. Clients wishing to use it must implement the protocol from spec. ActiveSync is a proprietary binary protocol, which makes it way harder to interoperate with than SOAP or XML-RPC. An ActiveSync sync loop is typically done in three phases: 1. An autodiscovery phase which translates the mailbox address to an ActiveSync endpoint 2. An explicit provisioning step which negotiates the client’s capabilities with the server’s access policies (this step takes place just once) 3. A recursive folder synchronization procedure. Messages are encoded into something called WBXML - a binarized format not unlike BSON or protocol buffers which defines a state machine and walks through it via a token stream. In the recursive folder procedure, each token represents either a unit of data (“inline string”) or a transition (“inline string follows”). Outside of the message body, a number of Exchange-specific headers must be added to the HTTP messages. ActiveSync can run over SSL and can authenticate via OAuth or NTLM. Nylas connects your app to Exchange in just a few lines of code. Try it out today! 4 Example of a decoded ActiveSync message Note the use of a sync key to represent the current/next page of results. Request: <?xml version=”1.0” encoding=”utf-8”?> <airsync:Sync xmlns:airsync=”AirSync”> <airsync:Collections> <airsync:Collection> <airsync:SyncKey>866776076</airsync:SyncKey> <airsync:CollectionId>7</airsync:CollectionId> <airsync:ConversationMode>1</airsync:ConversationMode> <airsync:Options> <airsyncbase:BodyPreference xmlns:airsyncbase=”AirSyncBase”> <airsyncbase:Type>2</airsyncbase:Type> <airsyncbase:TruncationSize>500</ airsyncbase:TruncationSize> <airsyncbase:Preview>100</airsyncbase:Preview> </airsyncbase:BodyPreference> </airsync:Options> </airsync:Collection> </airsync:Collections> <airsync:HeartbeatInterval>60</airsync:HeartbeatInterval> </airsync:Sync> Response: <?xml version=”1.0” encoding=”utf-8”?> <Sync xmlns=”AirSync” xmlns:email=”E m ail” xmlns:airsyncbase=”AirSyncBase” xmlns: email2=”Email2”> <Collections> <Collection> <SyncKey>1992475662</SyncKey> <CollectionId>7</CollectionId> <Status>1</Status> <Commands> <Add> <ServerId>7:1</ServerId> <ApplicationData> <email:To> Nylas connects your app to Exchange in just a few lines of code. Try it out today! 5 ”Jason Doe” &lt;[email protected]&gt; </email:To> <email:From> ”Albert Einstein” &lt;[email protected]&gt; </email:From> <email:Subject>Test Mail</email:Subject> Provisioning phase Source: Microsoft Nylas connects your app to Exchange in just a few lines of code. Try it out today! 6 Synchronization phase Source: Microsoft Nylas connects your app to Exchange in just a few lines of code. Try it out today! 7 Though ActiveSync succeeded at syncing mobile clients, it was built for mobile phones of the early 2000s. Missing functionality was spread across MAPI-over-HTTP and WebDAV. Exchange Web Services (EWS) was introduced by Exchange Server 2007 to address the scattered landscape. EWS (Web Services) EWS is a much more typical XML SOAP service, replete with all the structural formalities and WS-Addressing that you would expect. Unlike ActiveSync, it does not have a provisioning phase to enforce mobile device policies. EWS-aware applications are typically enabled individually (or as a group) by the Exchange administrator. This means that the authentication procedure is done more or less transparently through the SDK by providing a user’s credentials. Like ActiveSync, EWS also supports SSL, OAuth, and NTLM. Example of an EWS mail sync message Like ActiveSync, requests and responses trade a state key. EWS also uses a ChangeKey to represent the current version of an item. Request: <?xml version=”1.0” encoding=”utf-8”?> <soap:Envelope xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance” xmlns:m=”http://schemas.microsoft.com/exchange/services/2006/ messages” xmlns:t=”http://schemas.microsoft.com/exchange/services/2006/ types” xmlns:soap=”http://schemas.xmlsoap.org/soap/envelope/”> <soap:Header> <t:RequestServerVersion Version=”Exchange2010_SP2” /> </soap:Header> Nylas connects your app to Exchange in just a few lines of code. Try it out today! 8 <soap:Body> <m:SyncFolderItems> <m:Ite m Shape> <t:BaseShape>AllProperties</t:BaseShape> </m:Ite m Shape> <m:SyncFolderId> <t:DistinguishedFolderId Id=”inbox” /> </m:SyncFolderId> <m:SyncState>H4sIAAA==</m:SyncState> <m:MaxChangesReturned>10</m:MaxChangesReturned> <m:SyncScope>NormalItems</m:SyncScope> </m:SyncFolderItems> </soap:Body> </soap:Envelope> Response: <?xml version=”1.0” encoding=”utf-8”?> <s:Envelope xmlns:s=”http://schemas.xmlsoap.org/soap/envelope/”> <s:Header> <h:ServerVersionInfo MajorVersion=”15” MinorVersion=”0” MajorBuildNumber=”731” MinorBuildNumber=”10” Version=”V2_3” xmlns:h=”http://schemas.microsoft.com/exchange/services/2006/types” xmlns=”http://schemas.microsoft.com/exchange/services/2006/types” xmlns:xsd=”http://www.w3.org/2001/XMLSchema” xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance” /> </s:Header> <s:Body xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance” xmlns:xsd=”http://www.w3.org/2001/XMLSchema”> <m:SyncFolderItemsResponse xmlns:m=”http://schemas.microsoft.com/exchange/services/2006/ messages” xmlns:t=”http://schemas.microsoft.com/exchange/services/2006/ types”> <m:ResponseMessages> <m:SyncFolderItemsResponseMessage ResponseClass=”Success”> <m:ResponseCode>NoError</m:ResponseCode> <m:SyncState>H4sIAAAAAAAEAO29B2AcSZY==</m:SyncState> <m:IncludesLastItemInRange>true</ m:IncludesLastItemInRange> Nylas connects your app to Exchange in just a few lines of code. Try it out today! 9 <m:Changes> <t:Update> <t:Message> <t:ItemId Id=”q04QAAAA==” ChangeKey=”CQAAABYAAADZGACZQpSgSpyNkexYe2b7AAAAird/” /> <t:ParentFolderId Id=” AgENAAAA” ChangeKey=”AQAAAA==” /> <t:Ite m Class>IPM.Note</t:Ite m Class> <t:Subject>RE: Company Soccer Team</t:Subject> EWS mail synchronization for Office 365 Source: Microsoft Nylas connects your app to Exchange in just a few lines of code. Try it out today! 10 Microsoft Graph Microsoft Graph is a fairly new service meant to unify all Office APIs (like Excel and OneDrive) and has officially preempted EWS. Therefore, Graph’s schema is organized not by product but data type (like the Mail API, Calendar API, Notifications API, etc.). This represents a convenient abstraction over the inner workings of Outlook and Excel but represents a major migration from the EWS API. It should also be noted that not all features have been ported over - for example, [free/busy] is still in beta. Also, Graph cannot be used with on-premise deployments of Exchange. Support for hybrid deployments is currently in beta. With Graph, authentication is typically done via OAuth and is segmented into scopes with access tokens. Being an Exchange 365 product, applications must register via the Azure active directory service, as opposed to with Exchange itself. Example of a Graph mail call https://graph.microsoft.com/v1.0/me/messages
Load more

Recommended publications
  • Paid Search and Microsoft Audience Ads BETTER TOGETHER
    Paid search and Microsoft Audience Ads BETTER TOGETHER Hand in hand, they deliver more eyeballs and clicks Whether it’s cookies with milk or cake and ice cream, some things are simply better together. The same rings true for combining search advertising’s finest with the best of native advertising. When used together, they can help marketers reach customers across multiple touch points of the user journey, and get high-quality clicks and conversions at scale. While native ads is a well-recognized ad format, we call them Microsoft Audience Ads. After all, it’s more about reaching the right audience and less about the ad type, right? Ad spend is growing for native and search In fact, it’s growing by double digits for both. 25% 11% Expected annual growth in Expected annual growth in native ad spending in the paid search ad spending U.S. through 20191 in the U.S. through 20202 2018 2019 2018 2019 2020 Looking to increase impressions and capture more purchase intent? Using native and paid search ads together can help you get results at scale. MORE HIGHER HIGHER HIGHER FREQUENTLY PURCHASE BRAND PURCHASE 53% VIEWED 32% INTENT 24% RECALL 18% INTENT DISPLAY VS. NATIVE NO BRAND AD VS. BRAND AD NO BRAND AD VS. BRAND AD BANNER VS. NATIVE Consumers viewed Searchers on Bing Searchers on Bing who Native ads registered native ads 53% more who saw a brand’s ad saw a brand’s ad were an 18% higher lift in frequently than they showed 32% higher 24% more likely to purchase intent than viewed display ads.3 purchase intent even recall the brand than banner ads.3 if they didn’t click on a those who didn’t see brand’s ad.4 the ad.4 Two powerful ways to run Microsoft Audience Ads Along with your search campaigns, add Microsoft Audience Ads to get more high-quality volume outside of search.
    [Show full text]
  • Protocols: 0-9, A
    Protocols: 0-9, A • 3COM-AMP3, on page 4 • 3COM-TSMUX, on page 5 • 3PC, on page 6 • 4CHAN, on page 7 • 58-CITY, on page 8 • 914C G, on page 9 • 9PFS, on page 10 • ABC-NEWS, on page 11 • ACAP, on page 12 • ACAS, on page 13 • ACCESSBUILDER, on page 14 • ACCESSNETWORK, on page 15 • ACCUWEATHER, on page 16 • ACP, on page 17 • ACR-NEMA, on page 18 • ACTIVE-DIRECTORY, on page 19 • ACTIVESYNC, on page 20 • ADCASH, on page 21 • ADDTHIS, on page 22 • ADOBE-CONNECT, on page 23 • ADWEEK, on page 24 • AED-512, on page 25 • AFPOVERTCP, on page 26 • AGENTX, on page 27 • AIRBNB, on page 28 • AIRPLAY, on page 29 • ALIWANGWANG, on page 30 • ALLRECIPES, on page 31 • ALPES, on page 32 • AMANDA, on page 33 • AMAZON, on page 34 • AMEBA, on page 35 • AMAZON-INSTANT-VIDEO, on page 36 Protocols: 0-9, A 1 Protocols: 0-9, A • AMAZON-WEB-SERVICES, on page 37 • AMERICAN-EXPRESS, on page 38 • AMINET, on page 39 • AN, on page 40 • ANCESTRY-COM, on page 41 • ANDROID-UPDATES, on page 42 • ANET, on page 43 • ANSANOTIFY, on page 44 • ANSATRADER, on page 45 • ANY-HOST-INTERNAL, on page 46 • AODV, on page 47 • AOL-MESSENGER, on page 48 • AOL-MESSENGER-AUDIO, on page 49 • AOL-MESSENGER-FT, on page 50 • AOL-MESSENGER-VIDEO, on page 51 • AOL-PROTOCOL, on page 52 • APC-POWERCHUTE, on page 53 • APERTUS-LDP, on page 54 • APPLEJUICE, on page 55 • APPLE-APP-STORE, on page 56 • APPLE-IOS-UPDATES, on page 57 • APPLE-REMOTE-DESKTOP, on page 58 • APPLE-SERVICES, on page 59 • APPLE-TV-UPDATES, on page 60 • APPLEQTC, on page 61 • APPLEQTCSRVR, on page 62 • APPLIX, on page 63 • ARCISDMS,
    [Show full text]
  • Citrix Netscaler Deployment Guide for Microsoft Exchange 2010
    Citrix NetScaler Deployment Guide for Microsoft Exchange 2010 Table of Contents Citrix NetScaler Deployment Guide for Microsoft Exchange 2010 ................................................................... 1 Introduction .................................................................................................................................................................. 3 Solution Requirements ................................................................................................................................................ 3 Prerequisites .................................................................................................................................................................. 3 Deployment Overview ................................................................................................................................................ 4 Network Diagram ................................................................................................................................................... 7 NetScaler Deployment ................................................................................................................................................ 7 Client Access Server ............................................................................................................................................... 7 Configuring NetScaler for Outlook Web App (OWA) ................................................................................ 9 Configuring NetScaler for
    [Show full text]
  • Activesync Configuration for Watchguard® SSL
    ActiveSync Configuration for ® WatchGuard SSL 100 October 2009 Introduction With ActiveSync, users get push functionality to keep email, calendar, tasks, and contacts up to date on a mobile device. It is possible to securely run ActiveSync over SSL through the WatchGuard® SSL 100 appliance without having to install or start the Access Client on the mobile devices. To sync a mobile client it is necessary that an ActiveSync client is installed. How Exchange ActiveSync Works Exchange ActiveSync (EAS) is an HTTP/HTTPS‐based communication between the client and the server. The client uses a virtual directory “/Microsoft‐Server‐ActiveSync” on the IIS server to access EAS. There are no files in this directory; any request is handled by MASSYNC.DLL. MASSYNC needs access to the user’s mailbox. MASSYNC uses only Outlook Web Access, not MAPI, CDO, or any other hidden connection. Define a New Device Type for ActiveSync The ActiveSync client on a mobile device does not support authentication through the HTML form. Therefore, the SSL 100 needs to be able to identify them as devices that only support Basic Authentication. That can be achieved by defining a new device type: 1. Select Manage System in the main menu and click Device Definition in the left‐hand menu. 2. Click the Add Device Definition link. 3. Enter a display name. 4. In the definition text field add: uri = *Microsoft‐Server‐ActiveSync* 5. Click Save. WatchGuard Technologies www.watchguard.com 6. Select Resource Access in the main menu and click the Global Resource Settings link. 7. Click on the Client Access tab and then click on the Add Device Setting link.
    [Show full text]
  • 30,000 Mailbox Resiliency Solution for Microsoft Exchange 2013 Using Lenovo Converged HX7510 Appliances and Hyper-V
    30,000 Mailbox Resiliency Solution for Microsoft Exchange 2013 using Lenovo Converged HX7510 Appliances and Hyper-V Last update: 30 August 2016 Provides a technical overview Contains performance results of Lenovo Converged HX using Microsoft ESRP Storage Solution for Microsoft Program Exchange 2013 Uses HX7510 appliances with Shows class-leading Microsoft 2012 R2 Hyper-V hyper-converged performance hypervisor of HX7510 appliance Pawan Sharma Mike Perks i 30,000 Mailbox Resiliency Solution for Microsoft Exchange 2013 using Lenovo Converged HX7510 Appliances Table of Contents 1 Overview .................................................................................................... 1 1.1 Disclaimer ................................................................................................................ 1 2 Technical overview of HX Series appliances ......................................... 2 2.1 Server Components ................................................................................................. 2 2.2 Software components .............................................................................................. 2 2.3 Networking components .......................................................................................... 5 2.4 Reliability and performance features ........................................................................ 8 3 Microsoft Exchange ................................................................................ 12 3.1 Solution overview ..................................................................................................
    [Show full text]
  • Surface Hub 2S Admin Guide
    Surface Hub 2S Admin Guide Surface Hub 2S coming soon; Pre-release products shown; products and features subject to regulatory certification/approval, may change, and may vary by country/region. Surface Hub 2S has not yet been authorized under U.S. Federal Communications Commission (FCC) rules; actual sale and delivery is contingent on compliance with applicable FCC requirements. This documentation is an early release of the final documentation, which may be changed prior to final commercial release and is confidential and proprietary information of Microsoft Corporation. This document is provided for informational purposes only and Microsoft makes no warranties, either express or implied, in this document. © 2019. Microsoft Corporation. All rights reserved Introduction .................................................................................................................................................. 1 Welcome to Surface Hub 2S ......................................................................................................................... 1 New User Experience and Features ........................................................................................................................ 1 Microsoft Teams ..................................................................................................................................................... 1 New form factor and hardware changes ................................................................................................................ 2 Surface
    [Show full text]
  • Android Support for Microsoft Exchange in Pure Google Devices
    Android support for Microsoft Exchange in pure Google devices Note: The information presented here is intended for Microsoft Exchange administrators who are planning and implementing support for any of these pure Google devices running Android. Android support by version and device The following AndroidTM versions support Microsoft Exchange information services and security policies: ● Android 4.0.4 (Ice Cream Sandwich) ● Android 4.1 and later (Jelly Bean) The following “pure Google” devices support the Microsoft Exchange services and policies: ● Galaxy Nexus phones running Android ● Nexus S phones running Android ● Motorola Xoom tablets running Android ● Nexus 4 phones running Android ● Nexus 7 tablets running Android ● Nexus 10 tablets running Android Requirements To support Android 4.0 running on pure Google devices, you must be running one of the following versions of Microsoft Exchange: ● Exchange Server 2010 SP1 with Exchange ActiveSync 14.1 ● Exchange Server 2010 with Exchange ActiveSync 14.0 ● Exchange Server 2007 SP1 with Exchange ActiveSync 12.1 ● Exchange Server 2007 with Exchange ActiveSync 12.0 ● Exchange Server 2003 SP2 with Exchange ActiveSync 2.5 The following information applies to the Android platform, including the Settings, Email, Calendar, People, and related apps as built by Google. If a device manufacturer has modified these apps on its own devices, contact the manufacturer for information about support for Exchange features. Supported information services Users can add Microsoft Exchange accounts to their pure Google devices by using the Account & Sync settings available from the Settings or Email app. Android supports the following Exchange information services: ● Adding Exchange user accounts (via an ActiveSync server), and enforcement of some mailbox policies (as described in “Supported security policies,” next).
    [Show full text]
  • Team Microsoft Bryce Hrusovsky Reid Wildenhause Jingwei Wan Sam Batali Department of Computer Science and Engineering Michigan State University Fall 2019
    Project Plan ITPro Company Portal The Capstone Experience Team Microsoft Bryce Hrusovsky Reid Wildenhause Jingwei Wan Sam Batali Department of Computer Science and Engineering Michigan State University Fall 2019 From Students… …to Professionals Functional Specifications • Problem: The number of devices being deployed by corporate entities is growing, increasing the workload for IT specialists. ▪ Specialists need the ability to manage corporate devices while they are in the field. ▪ Microsoft Intune solves this problem, but requires a desktop or laptop computer to use. • Solution: Create a mobile application that allows IT specialists to easily monitor, manage and maintain corporate devices with Microsoft Intune directly from a mobile device. The Capstone Experience Team Microsoft Project Plan Presentation 2 Design Specifications • Cross Platform: The application is created to run in both iOS, Android, and UWP using Xamarin platform. 3 different platforms, different UI designs, same codebase for models and controls • Login Page: The first window a user interact with after the launch page. The user must enter correct login credentials (Email/Phone and Passwords) before being redirected to the main page • Main Page: The main window for the application. Contains multiple tabs, sidebar, and summary page, user information, and status • Navigation: The application contains various tabs, links in the sidebar which links users to other pages such as device(s) page, manage page, settings page, terms and services, and Help and support page The Capstone
    [Show full text]
  • Microsoft Graph Mark Stafford, Graph PM • Microsoft Graph, What and Why
    Microsoft Graph Mark Stafford, Graph PM • Microsoft Graph, what and why • 5 steps to your first Graph app • App patterns • 5 tips and tricks to become a Graph coder • What’s new and roadmap Office 365 Your tailored Windows 10 experiences or customizations Enterprise Mobility + Security 1 billion 1 million 100 billion users across work, monthly active apps Microsoft Graph life and edu using Microsoft Identity requests per month Your tailored experiences or customizations 18 trillion 90% 180 million Microsoft Graph nodes Fortune 500 monthly active users of Office 365 commercial Extend Microsoft 365 experiences Build your experience Web Bots & Device Daemon Workflow Documents Conversations Portals Timeline Search Analytics apps agents & native apps automation apps Microsoft Graph REST APIs and webhooks Your local data Microsoft Graph Azure AI platform Microsoft Graph Connectors Office 365 Windows 10 Enterprise Mobility + Security data connect Microsoft Identity Apps Web Native Bots Flows Automation Analytics Auth UX Libraries Capabilities Microsoft Graph Microsoft Graph Connectors Interfaces REST APIs and Webhooks Data Connect Data Microsoft 365 Your domain Apps Web Native Bots Flows Automation Analytics Auth UX Libraries Capabilities Microsoft Graph Microsoft Graph Connectors Interfaces REST APIs and Webhooks Data Connect Data Microsoft 365 Your domain Apps Web Native Bots Flows Automation Analytics Auth UX Libraries Capabilities Microsoft Graph Microsoft Graph Connectors Interfaces REST APIs and Webhooks Data Connect Data Microsoft 365
    [Show full text]
  • Load Balancing Microsoft Exchange 2013 with Fortiadc Highly Available, High Performing, and Scalable Deployment with Fortiadc E-Series Appliances
    Load Balancing Microsoft Exchange 2013 with FortiADC Highly Available, High Performing, and Scalable Deployment with FortiADC E-Series Appliances Exchange 2013 and Application Delivery Important Note: Microsoft® Exchange Server 2013 was released in late 2012 as the successor This guide is written only for the to Microsoft Exchange Server 2010. It introduced a number of new features as FortiADC E-series platform. well as changes to existing features. Enhancements were added with Cumulative The instructions included within Update 1 (CU1) in 2013 and again, later in 2013 with the release of Cumulative are not designed to be used with Update 2 (CU2). the FortiADC D-series platform application delivery controllers. This guide was written for CU2. This version of the guide provides configuration information for Fortinet’s EQ/OS 10.1 release. Load Balancing Requirements for Exchange Microsoft recognizes the need for load balancing client access in all but the smallest Exchange deployments. For Microsoft’s overview of load balancing recommendations in Exchange 2013, please see: http://technet.microsoft.com/en-us/library/jj898588%28v=exchg.150%29.aspx As stated in the above document, Exchange 2013 relies upon Client Access servers to provide connections for users. Load balancing these Client Access servers can improve availability, by providing redundancy, as well as efficiency through intelligently balancing load across the servers. “In Exchange Server 2010, client connections and processing were handled by the Client Access server role. This required that both external and internal Outlook connections, as well as mobile device and third- party client connections, be load balanced across the array of Client Access servers in a deployment to achieve fault tolerance and efficient utilization of servers.” “In Exchange Server 2013, there are two primary types of servers—the Client Access server and the Mailbox server.
    [Show full text]
  • Douchebag Jar the Instant Karma App
    Douchebag Jar The Instant Karma App A full­stack mobile application development project Douchebag Jar The Instant Karma App Ett full­stack utvecklingsprojekt för mobilapplikationer Frida Nilsson Dan Gryttman The Faculty of Health, Science and Technology Computer Science Bachelor Thesis 15hp Supervisor: Katarina Asplund Examiner: Jonathan Vestin Date: 2021­05­31 Preface We want to thank our supervisors at Ubitech AB, Martin and Viktor, for your guidance, your patience and for your dedication. We would also like to thank our supervisor Katarina for helping us with the thesis, and reminding us that a thesis is also part of a project. Finally, we want to thank Elin, as she is the reason why we needed an app like this. i ii PREFACE Abstract Mobile applications are everywhere in today’s society, they come in many flavours and are an integral part of many peoples daily lives. The limits to development of mobile applications are expanding with each new idea of how the technology could be potentially used, and it is a field that is most likely going to continue to influence the world we live in. In this thesis, the objective was to develop a proof of concept for a mobile application for social interaction which is tightly anchored to the real world. The idea of the "Douchebag Jar" application was intended as a way for friends and coworkers to stay connected and keep having fun at each other’s expense by introducing a karma-based punishment/redemption system. The goal was to learn about mobile application devel- opment and the technologies behind it, get first hand experience with app development and become familiarised with tools used by professional app developers.
    [Show full text]
  • Breaching the Cloud Perimeter
    Breaching the Cloud Perimeter Brought to you by… © Offensive Tradecraft by BHIS @BHInfoSecurity https://www.blackhillsinfosec.com Roadmap • Breaching the Cloud Perimeter • Cloud Pentest Authorization • Cloud Authentication Methods • Reconnaissance • Exploiting Misconfigured Cloud Assets • Gaining a Foothold • Post-Compromise Recon • Pillaging Cloud Assets • Cloud Infrastructure Attacks • Weaponizing the Cloud for Red Team Operations © Offensive Tradecraft by BHIS @BHInfoSecurity https://www.blackhillsinfosec.com Cloud vs. On-Prem • What is different about penetration testing "the cloud"? • Traditional attacks, different angle • Post-compromise results in new challenges • More room for misconfiguration • Higher risk to orgs as services used by employees are now public facing © Offensive Tradecraft by BHIS @BHInfoSecurity https://www.blackhillsinfosec.com Author/Instructor • Beau Bullock (@dafthack) • Pentester / Red Team at Black Hills Information Security • Certs: OSCP, OSWP, GXPN, GPEN, GWAPT, GCIH, GCIA, GCFA, GSEC • Speaker: WWHF, DerbyCon, Black Hat Arsenal, BSides, Hack Miami, RVASec • Tool Developer: MailSniper, PowerMeta, DomainPasswordSpray, MSOLSpray, HostRecon Check-LocalAdminHash © Offensive Tradecraft by BHIS @BHInfoSecurity https://www.blackhillsinfosec.com Sources & Thanks! • Huge thanks to all the cloud pentesting blog/book authors & open source developers! • Sean Metcalf (@PyroTek3) & Trimarc - https://adsecurity.org/ • Karl Fosaaen (@kfosaaen) & NETSPI - https://blog.netspi.com/ • Ryan Hausknecht (@haus3c) & SpectorOps
    [Show full text]