Collaborate Disseminate
I want to have users upload data, but need to ensure it stays secure and cannot be mixed up with or touch other users’ data. How do I do this with AWS?
Continue reading How do I create a site with secure user data upload on AWS? [closed]
I’m working on a project where I have to receive user data, encrypt that, save it in a database and then give it back. Which method would be the best/safest?
Continue reading What is the best way to encrypt user data in java? [closed]
A database admin is responsible for the operation of databases, whereas a database architect manages the design, implementation and maintenance of databases. Continue reading Database Administrator vs. Database Architect: What’s the Difference?
I have been studying Differential Privacy (DP) and there’s something I do not understand: why is the variance of the noise in most DP schemes constant across all individuals (assuming a one-to-one relationship between individuals and data … Continue reading Why do most DP mechanisms consider constant noise variance across data points?
Web Server : Oracle WebLogic 10.35
Machine : Oracle Linux Server 3.8
I was able to partially exploit this CVE. I can execute any command on server using HTTP request and redirecting its output to a file i.e
cat /etc/passwd > /tmp/succes… Continue reading Post Exploitation in Oracle web logic server 10.35 (Oracle Linux Server 3.8)
Sqlmap says "found x targets, y of them are testable". What makes a testable target for sqlmap?
There are functions like MD5 and SHA2 in MySQL which can be used to hash values before putting them into the database, or when searching over values.
As I proposed a possible solution in a comment to this answer to a question, I was told t… Continue reading What are the threats of using hashing functions that are built into the DBMS? (besides man-in-the-middle attacks)
What are the practical differences between them? i.e. a parameter referred to as being "dynamic" and "not dynamic"?
Continue reading What’s the difference between dynamic and static parameters in Sqlmap?
I was watching this video https://www.youtube.com/watch?v=Qm7k1CPFkIc about how to steal passwords and the guy mentioned that you can use shodan.io (a site that lists various devices connected to the internet) to find a database you can ea… Continue reading Do web-hosting sites like Heroku or Railway expose your database?
I have a key-value database that uses asymmetric RSA-OAEP encryption to encrypt the data. The data is stored in tuples of (public key, encrypted data). The user identifies their data by the public key, and decrypts it with their private ke… Continue reading Are there any downsides to publically available encrypted data?