Collaborate Disseminate
Learn what Google Cloud Platform (GCP) is, explore its core services, features, and benefits, and discover how it powers businesses with cloud computing solutions. Continue reading What is Google Cloud Platform (GCP): All You Need To Know
Learn what Google Cloud Platform (GCP) is, explore its core services, features, and benefits, and discover how it powers businesses with cloud computing solutions. Continue reading What is Google Cloud Platform (GCP): All You Need to Know
Would there be any security concerns saving mongod.conf to $HOME/web-server/mongod.conf instead of /etc/mongod.conf ?
If the config was under $HOME/web-server/mongod.conf would that mean someone (or a buffer-overrun executable) could chang… Continue reading putting database mongod.conf under $HOME/web-server/. instead of /etc/
At $work we need to store a sensitive attribute of a user (say SSN – so, short and with a small keyspace) and look up the user based on this attribute when data is submitted into our system. We cannot use off-the-shelf bcrypt/scrypt/etc. b… Continue reading How can I securely store a sensitive user attribute used for account lookup?
I’m doing a website PT lab and I’m trying to figure out SQL vulnerability in MariaDB.
After some scanning I found the /api/ path, and one of them gives the desired SQL
I found out that ‘ gives me the desired SQL error:
My request:
GET /api… Continue reading MariaDB SQL Injection
I think this should be the right SE, apologies otherwise
I have been researching ways to be more careful with how I handle important documents and credentials, but everything I found sounded incredibly inconvenient to use so I would like t… Continue reading Offline, multi-machine, 2-factor authentication information vault?
I am working on a application which requires session token to commence trading activities. This will be hosted on a cloud based Linux VM (Ubuntu) and a managed MySQL database.
Session token are generated using a TOTP. I have build this app… Continue reading Storing TOTP keys
So a while ago I was talking to a guy who was a high-up security officer for a big bank, and he told me something interesting. He told me (and this isn’t private information or anything,) that after about five incorrect guesses of the pas… Continue reading At what point does data wipe after incorrect password attempts become reasonable? [closed]
I was working on a target where sqlmap detected boolean based time blind injection. Everything was working perfect but you know it was time blind injection so I knew that this is going to take forever to dump database. So I pressed ctrl+c … Continue reading Accidently used –flush-session –batch in sqlmap tool. Need help!
Ok- so you all probably know that a hash is used to help secure a stored password in a database, if it was stolen.
When a user logs in, and enters a password, it gets hashed, and then matched to a hash in the name of the user that tried to… Continue reading How do databases/companies change their hashing algorithm? [duplicate]