Collaborate Disseminate
Hacking — at least the kind where you’re breaking into stuff — is very much a learn-by-doing skill. There’s simply no substitute for getting your hands dirty and just trying …read more Continue reading Hacking an IoT Camera Reveals Hard-Coded Root Password
I am currently developing a web application where I need to ensure that retrieved data (stored in database) have been generated by one or multiple (in the case of clustered applications) application. The idea would be to store a hash of th… Continue reading Authenticate web application generated data
Content removed because this was spam
May I have some guidance for a project I am working on?
These are the requirements:
A Dataset needs to be submitted in a .csv format, delimited by ‘|’
The Dataset needs to be submitted periodically (once per month)
There are ID columns in… Continue reading Assure Deterministic Hashing/Encryption Process can be Replicated if Rebuilt
A common principle in InfoSec is Defence-In-Depth.
When encrypting sensitive data, it might make sense to have the data encrypted a few times.
Veracrypt does this for example with the AES-Twofish-Serpent algorithm
A good practice is to sto… Continue reading Multiple Layers of Hashing when storing passwords [duplicate]
I’m currently designing a user authentication system for a web application, and I am considering best practices for storing user login information. While it’s common to hash and salt passwords (with bcrypt/argon2) to protect against data b… Continue reading Should mail addresses for logins be stored hashed to minimize impact of data loss?
There is an argument that if the Proof-of-Work (PoW) mechanism is removed from the Bitcoin network or if the puzzle does not have a sufficient level of difficulty proportional to the computing power of the network, the chaining of transact… Continue reading Is PoW an indispensable component in blockchain? [closed]
As far as I’ve heard, hashing a disk image before computer forensics is started, and then comparing that hash to a new hash after the forensics is finished is the most common way to make sure that there is no tampering with the disk during… Continue reading Are there better methods of sustaining forensic integrity apart from disk hashing?
I’ve been looking at hash security, and how tools like hashcat and John The Ripper work. I seem to have misunderstood some basic stuff, and would appreciate some clarification on:
If you’re pen testing, and you’ve got a hash that you’re t… Continue reading Hash security and penetration testing [closed]
pbkdf2:sha256:600000$m28HtZYwJYMjkhJ5$2d481c9f3fe597390e4c4192f762188bf311e834030a11e069019015fb336c14
This is the format in which I have the hash. I also have a dictionary which consists of the actual password. How do I use some tool (lik… Continue reading Crack hash with given salt and dictionary