Collaborate Disseminate
I’m trying to set up cURL to get data from remote server at any sitaution. I use –tlsv1.3 –tls13-ciphers TLS_CHACHA20_POLY1305_SHA256 –http2 to make it as secure as I can think of, using Windows 11. (tried http3 but cURL said it’s not f… Continue reading is it necessary for cURL to check for CRL in Windows?
How can I fuzz any part of the URL with any strings, append string on middle of the URL or in any part of the URL?
Suppose a URL like this,
https://example.com/Fuzz/hello.html
And I want to add something, on "Fuzz"
So the full U… Continue reading Path fuzzing using curl [closed]
I am trying to connect to a server using SFTP protocol
To connect successfully, I had to do the following from the centos terminal.
sftp -o KexAlgorithms=diffie-hellman-group1-sha1 -o Ciphers=aes256-cbc USER_NAME@IP_ADDRESS
Now I want to … Continue reading Curl how to specify KexAlgorithms and Cipher [migrated]
I have a client which connects to a server securely on multiple protocols, namely MQTT and HTTPS.
Because of the following CVE, CVE-2009-3555, we decided to disable all client-initiated session renegotiation. We also decided to keep server… Continue reading Disable client-initiated session renegotiation from the client side
Learn how to write plain-speaking and purposeful security advisories from one of the most widely-used open source tools in the world. Continue reading Serious Security: Learning from curl’s latest bug update
I want to capture HTTPS traffic, save it, and validate it at a later time. I want to ensure that at a later time I’m able to validate the HTTPS traffic using the certificate which was presented at the handshake.
Any ideas how to do that? I… Continue reading Validate HTTPS traffic at later time [duplicate]
for example, you want to do // without commenting how do I do it (I’m trying to access a URL using curl)
Continue reading How do I use the Double slash comment in c++ without commenting
I published the following diary on isc.sans.edu: “Infostealer in a Batch File“: It’s pretty common to see malicious content delivered as email attachments. Every day, my mailboxes are flooded with malicious content… which is great from a research point of view. Am I the only one to be happy when I see
The post [SANS ISC] Infostealer in a Batch File appeared first on /dev/random.
I am doing some web scraping for streaming files, .m3u8 mime type. In this particular instance, I can’t create a functional request that does not end up with a 403 Forbidden error.
How to reproduce:
Go here in the browser: https://sbplay…. Continue reading Url only works from the browser it is generated from. Copying it into a Curl Command fails, and gives a 403 error. How can I fix this?
I’m writing an API which is running on my own web server written in Go. I have a local environment set up to run it all under HTTS using a self signed cert and it all works great. It all works and I can see that the traffic is indeed encry… Continue reading Does using the "-k" flag with curl disable only the certificate verification?