Collaborate Disseminate
If I sign up for Gmail I probably agree to give Google the right to use all my content for whatever purposes they want. We know they have incredible research going on into data mining and machine learning to identify and predict sensitive … Continue reading Is Google mining the content of emails I send to people who use gmail? Could they?
Amateur Question… We’ve written a SaaS application that runs in Google Cloud on a GCP-managed MySQL database. We now need to make our application PCI and / or HIPAA compliant. I know we need to specify our own encryption key and keep it … Continue reading Is Google Cloud Database encryption with customer specified keys PCI and / or HIPAA compliant?
I am working on a CLI application which gets an API key from the user and use it to authenticate to a cloud application. Once the user authenticated, I want to store the API key somewhere securely so that user don’t need to enter it every … Continue reading How to store user entered credentials in CLI application?
Working on a quick and easy script to exploit a system and establish persistence. To do so I have written 2 .rc scripts
use exploit/windows/smb/ms17_010_eternalblue
set payload windows/x64/meterpreter/reverse_tcp<
set rhost 156.156.1…. Continue reading How do you place sequential metasploit rc scripts into a standard linux script [closed]
I am pretty knew to cyber, but looking at metasploit and trying to execute arbitrary commands in cmd on an old Windows XP. I am trying to use https://www.infosecmatter.com/metasploit-module-library/?mm=payload/windows/exec with the .exe fi… Continue reading Executing cmd command on XP with metasploit
When trying to go to https://www.pfizerpapconnect.com, the Firefox web browser claims there is a "Potential Security Risk" and pops up a page recommending to not proceed.
Is there a real security issue with this site, and if so, … Continue reading Why does Firefox claim a site has a "Potential Security Risk"? [duplicate]
I am trying to access the database of a web application
After successfully creating Interception through Burp Suite I copied ‘Request’ to /tmp/user.request file.
Here is my user.request file
After that i started sqlmap and typed this in te… Continue reading CRITICAL : all tested parameters do not appear to be injectable [closed]
I use a firebase database to store users locations in it (by using GeoFire).
Except for this parameter, everything else in the database does not include any information.
My problem is that I cannot encrypt the coordinates since the GeoFire… Continue reading Securing my Firebase account
You always hear about zero day vulnerabilities in Chrome, Skype, Zoom, Office, VLC, etc. But you never hear about vulnerabilities in video games (like popular multiplayer titles Fortnite or League of Legends) that hackers can use to perfor… Continue reading Do video games on Windows have vulnerabilities?
What type of risks do I expose myself to by enabling flash in the browser?
Web developers or online game developers who can use those vulnerabilities to crash my computer or exploit it by downloading files into my computer without permiss… Continue reading Flash Vulnerabilities