Collaborate Disseminate
When I submit an Customer Reference ID in an Android Application it POSTs an Encrypted String to an API Endpoint.
For example, if I enter the following CR ID :
"CR-13261150"
it POSTs the following Encrypted Data:
splainText : &q… Continue reading How to Find Encryption when knowing Input Plain Text and Output Encrypted Text? [duplicate]
useless question, sorry, kindly delete
Continue reading How to solve this CTF challenge (encoding)? [closed]
This is my first post here.
Following problem, maybe someone has time and knowledge to help a little bit with a hint.
Problem statement: I have an unknown 83 bytes long payload which I would like to decode/decrypt/decipher…
I got an alarm … Continue reading How to decode/decrypt/decipher an unknown 83 bytes long UDP payload?
When I submit an Customer Reference ID in an Android Application it POSTs an Encrypted String to an API Endpoint.
For example, if I enter the following CR ID :
"CR-13261150"
it POSTs the following Encrypted Data:
splainText : &qu… Continue reading How to Find Encryption Type by Seeing Encrypted Text? [closed]
Restrictions:
Access token will be short lived (2 minutes)
Access token will be one-time use only.
Given a strong random algorithm, would it be considered good practice to generate an opaque access-token by generating 256/512 random bits… Continue reading Good practice for generating opaque access-token
Occasionally I see hexadecimal encoded data presented with colon characters (:) separating each octet.
For example CA:FE:BA:BE… or de:ad:be:ef…
Is there a formal (or common) name for this style of formatting?
Obviously, without the col… Continue reading Name of hexadecimal encoding with colon separators?
I’m curious to check what could be some possibly secure and recommended ways through which I could send a password as part of a GET request in rails? Just to be explicit, we’re using HTTPS in general.
High level overview of the use case: O… Continue reading How to send a password securely as part of a GET request in rails?
I am practicing some malware detection basics and it has caught my attention that the Cyrillic alphabet is not detected by practically any traditional string detection tool.
Source Code
while (strcmp(password, user_input) != 0)
{
p… Continue reading Floss and many tools not detecting cyrillic strings in binary
I have a java web app. I’m using OWASP Java Encoder to encode for html, javascript and url components to mitigate reflected XSS. I’m new to this so I’m not sure on how to test on my web app for the following scenarios where there’s no dire… Continue reading How do I test for Reflected XSS in webpage titles, url parameters and javascript variables?
I have a java web app. I’m using OWASP Java Encoder to encode for html, javascript and url components to mitigate reflected XSS. I’m new to this so I’m not sure on how to test on my web app for the following scenarios where there’s no dire… Continue reading How do I test for Reflected XSS in webpage titles, url parameters and javascript variables?