Leon – WindowsTechs.com

Security Tool for Deniable Encryption [closed]

Posted on March 15, 2021 by Leon

Need security tool for deniable encryption with requirement below:

use 1 passphrase only for encryption and decryption, without any key

given correct passphrase, it will be decrypted

given any incorrect passphrase, it will be decrypted … Continue reading Security Tool for Deniable Encryption [closed]→

Shuffle Tool / Software [closed]

Posted on March 13, 2021 by Leon

I am looking for tools / software / library / algorithm, that can shuffle private key, by using passphrase only, and then use the same passphrase to de-shuffle, but if it is wrong passphrase, then it will re-shuffle again, instead of de-sh… Continue reading Shuffle Tool / Software [closed]→

Intercepting TCP traffic through MITM attack

Posted on April 12, 2020 by Leon

I’m trying to capture TCP requests through Burp Suite with this hacky method.

Basically it listens for user selected protocol requests (TCP/UDP) and then forwards them to Burp Suite (or any other tool, if you want to) just like they’re HT… Continue reading Intercepting TCP traffic through MITM attack→

How can I deal with this SQL injection?

Posted on April 8, 2020 by Leon

When I put ‘)); as input I will get this:

index album,albumdelta,faq,faqdelta,forum,forumdelta,picture,picturecomment,picturecommentdelta,picturedelta,post1,post2,post3,post4,postdelta,socialgroup,socialgroupdelta,socialgroupmessage,socia… Continue reading How can I deal with this SQL injection?→

Triggering an XSS through a shortened URL?

Posted on April 2, 2020 by Leon

I have this piece of HTML:

where {injectable} values correspond to the same input value that has to be 32 characters long. How can I trigger my XSS by an ext… Continue reading Triggering an XSS through a shortened URL?→

Suspicious established network connection

Posted on July 21, 2017 by Leon

So, while I casually did a netstat -a for an unrelated matter I found this connection open that seemed (at least to my untrained eye) strange:

Where Name was the last name of another current employee of the company in all c… Continue reading Suspicious established network connection→

Security Architecture – Settings to drive UI and Privileges (Rights) – Role-Based, per User-Account

Posted on March 7, 2011 by Leon

How do large companies implement their security requirements which are centralized and used to drive things people can do (allowed to call a certain web-service, submit an order, etc.) as well as to drive UI (disable buttons, menu options,… Continue reading Security Architecture – Settings to drive UI and Privileges (Rights) – Role-Based, per User-Account→