Collaborate Disseminate
I’m moderating one small Discourse forum and we, like everyone else, get spammers from time to time. Our forum is small, like 40-60 weekly unique visitors. Our forum requires that each new user’s first post must be reviewed by a moderator … Continue reading What is the purpose of hiding spam links in some obscure forum posts?
I’m working on a website that will require users to insert a valid email address, which will work as their unique user id. This email will not be used for communicating with the user, it is only ever used to verify that a particular user i… Continue reading Are SHA-256 hashes of user emails guaranteed to be unique?
Facebook Apptoken uses OAuth2 client credential code. But the client_id and client_secret are sent to the servier via HTTP GET method. Isn’t this unsecure ?
For instance, any node that has logging enabled between the client and the Facebo… Continue reading Isn’t Facebook Apptoken Oauth2 client credential unsecure since it sends login credentials request in GET URL?
There is a web server I’d like to recon using httprint.
But that web server has a basic auth protection on 443. Port 80 is not responding.
When I launch httprint, it says Unspecified Error
The same thing happens with netcat. It fails bec… Continue reading Can I bypass basic auth to fingerprint a web server with Httprint or netcat? [closed]
Let’s say I perform a nmap scan and discover a list of open ports.
If port 80 is opened, I will do this:
$ nc IP_ADDRESS 80
GET / HTTP/1.0
This will be a simple HTTP protocol request.
But what about other ports? Let’s say I found a ra… Continue reading How to communicate with a random service after a successful netcat connection?