How can attacker disable compromised website’s SSL/TLS enforcement? [closed]

I recently visited a website which was, well, hacked. The attacker was clearly able to modify the content of the front page by adding his own text, images and JavaScript. I know this can be done in various ways by modifying the database record…

If SSDs cannot be securely wiped then why can’t we recover files after crypto virus attack?

It is my understanding that SSDs do not allow the user to overwrite any specific file completely (wear-leveling). So in case of a ransomware attack such as CryptoLocker, doesn’t that mean there is still, always, an unencrypted copy of the file on th…

Is it possible to calculate an encryption key when both the plain text and ciphertext are known?

I have implemented an authentication system which works like this:

Upon successful login, the server takes the username of the client and encrypts it with AES-256.

This ciphertext is stored in the client’s browser and when the client wants t…