Collaborate Disseminate
I was thinking of implementing this in software, starting with one password, with each new release being derived from that initial password.
(trying to find the name of this technique, I think it’s called a “hash chain”)
That way you can g… Continue reading Encryption password in program, to secure its centrally-stored settings?
I friend of mine has had a subdomain takeover occur. I’ve taken a look at his DNS and he had some dangling entries, but they were A records, not CNAMEs. The subdomain was pointing to an IP address on AWS.
I’ve read up on subdomain takeover… Continue reading Subdomain takeover with A record
Polyfill.io is malicious: https://dev.to/snyk/polyfill-supply-chain-attack-embeds-malware-in-javascript-cdn-assets-55d6
https://www.sonatype.com/blog/polyfill.io-supply-chain-attack-hits-100000-websites-all-you-need-to-know
However, I noti… Continue reading Is polyfill.io still an immediate threat?
I want to implement some sort of an Under Attack Mode for our application.
Of course I could use CloudFlare or any other solutions, but let’s say for the sake of a programming exercise I detect a malicious request – i.e. because they don’t… Continue reading What can I do to make it as hard/expensive as possible for a hacker if I’ve detected a malicious DDOS request?
Is it possible that Anti-Cybercrime Police catch and track DDOS black service buyer?
My IP is being attacked for years (DDOS) from IPs and IP ranges from hundreds of different IPs.
The story is:
I have a neighbor, he is an IT professional…. Continue reading Is it possible that Anti-Cybercrime Police catch and track DDOS black service buyer? [closed]
In the root folder of the web server I created a folder named index.php
Does this harden the link security in the web browser?
For example, if a bad robot visited a site to spam index.php webpage will the bad robot stop because it found in… Continue reading Does naming a folder index.php harden web server security? [closed]
If I want to store a global scoreboard for a game running locally on the user’s computer and I want to make sure that all the requests coming to the server are really generated by the game and not spoofed by the users, is there anything th… Continue reading Is it possible to send data from an open-source program but make it impossible for a user with source code to do the same?
I am a master’s student and I would like ideas for graduation projects in cybersecurity, provided that there is an existing problem and I propose and implement a solution to it. Do you have any suggestions?
Continue reading I want an idea for a graduation project in cybersecurity [closed]
I would like to protect a Gmail account from being hacked.
Suppose I use the following approach for login/authentication:
Username, Password
2FA via security stick
the stick is in a place that is not accessible to the attacker
Is there a… Continue reading Is this a safe setup to prevent email account hack?
I’ve observed that React can HTML encode specific characters to prevent XSS vulnerabilities in certain contexts. For instance, consider the following code in App.jsx:
function App() {
const XSSProblematicChars = "><‘\"(… Continue reading React chars to HTML encode?