Collaborate Disseminate
These are the choices when looking for (not only) a RADIUS network authentication – IronWifi, clearpass, cloudess, foxpass, jumpcloud
Any others you guys know about? And in case you’ve got any experience with the services a… Continue reading Radius & Network Authentication – what service to choose?
I have to do a stack overflow attack on a given bit of code (the vulnerability is the gets function in it), and I’m able to change the return address to be anywhere I want.
The goal is to spawn my shell and then return to th… Continue reading How do I correctly find the address of the stack for stack overflow
I’m selling a 4-year-old Dell PC with Windows 10 and two SSDs and I want to be sure that nobody can recover anything from my personal deleted files. So far I’ve done the following.
Completely Bitlocker encrypt both disks,… Continue reading How sufficient are these steps to prevent deleted SSD files from being recovered?
Were working towards implementing a SDLC for a company and as in any complex environment there are differences of opinion for the new process. Some of the developers want to make use of one directory others want to use anothe… Continue reading Security implications of source code location
I was wondering if antiviruses could scan /var or if it was off limits i am trying to understand how antiviruses work and there impact on the file system and any limitations imposed on scanning ability
I was wondering if a proxy server from the internet could redirect traffic to malicious websites or download malware or even modify downloads( I do not plan on using a proxy server i found from the internet just wondering )
… Continue reading Can a proxy server redirect traffic to malicious websites or modify downloads?
I have always been curious if all software have a signature for whatever reason or is only related to AV.
Continue reading When writing software do all programs have a signature?
Operating Systems and Embedded Systems usually don’t come with source code or binaries that one can review.
How can a vulnerability researcher look for flaws in a system (Architecture, Protocols, etc.) without any access to … Continue reading How can vulnerability researchers find flaws in OSes / Embedded Systems?
We have a number of test environments that are permanently internet facing to accommodate external and automated testers with dynamic IP addresses. While we regularly check the servers for security vulnerabilities etc, we fou… Continue reading Is there a technical security standard for internet facing test environments?
An XSS vulnerability report was made via Open Bug Bounty, which was fixed, confirmed and a reward was made.
The reporter has marked the issue was resolved. They have further offered to remove the vulnerability from the Open … Continue reading Is it bad practice to remove a resolved report from Open Bug Bounty archive?