Protection against user session attacks (hijack, replay, tampering, CSRF, XSS…)

We develop a website in JAMStack, all URLs are static HTML pages, and each interaction with the server is made by a fetch call on our REST API (micro-services).
When a user signs in, we want to propose an option to permit them to stay conn…

DHCP NAK from original DHCP server interfering with Rogue DHCP server

I’m trying to recreate a DHCP spoof (MITM) attack where the following is done:
Step 1 is to perform a DHCP starvation attack to exhaust the DHCP server’s IP pool, making it unable to issue IP addresses to new clients.
Step 2 is to set up a…

How can Trudy attack the protocol where both Alice and Bob complete authentication and Trudy gets the session key?

I’m studying up protocols, authentication and attacks for a class I’m taking, but I’ve encountered a question that I just cannot figure out.
If Alice and Bob have the below protocol and the session key, which is achieved in 3 messages and …

Why encrypted internet connections can’t be censored or blocked by a country willing to do it? [duplicate]

Is it possible for a country to restrict any encrypted internet connection to some computer outside of the country, or if absolutely necessary just use a MITM (man-in-the-middle) to guarantee they can see the content? I know that the user w…