net – Page 23 – WindowsTechs.com

Stream-based approach to AES-GCM

Posted on September 8, 2018 by Randolph

Motivation

In .NET, there is a limited support for AES-GCM. The maximum array length of 2147483591 imposes a restriction on the maximum size of a byte sequence that can be encrypted — roughly 2 GB. It is likely that a custom… Continue reading Stream-based approach to AES-GCM→

Make application use encrypted credentials from a file

Posted on August 27, 2018 by naxcuo

I am new to cyber security but I am working on a project where I need to use it and I don’t know where to start.

The application I am working on connects to Jira to retrieve data and generate reports. For the connection, I… Continue reading Make application use encrypted credentials from a file→

How to obfuscate a assemblies binary compiled with .NET framework?

Posted on August 14, 2018 by fleud

How to obfuscate a binary compile with .NET framework? Tools such as Ebowla and Pecloak.py will encrypt it but the program won’t run. Even UPX can’t pack it. Wondering are there any ways to obfuscate it?

Continue reading How to obfuscate a assemblies binary compiled with .NET framework?→

Garbage collection and vulnerabilites

Posted on August 7, 2018 by bonugoso

This might be a trivial question for many, but unfortunately not for me. So I wondered if I’m using vanilla PHP (v 5.x) procedural style, will there be garbage collection? As far as I understand GC, it is memory managament to… Continue reading Garbage collection and vulnerabilites→

Replacing single quote with double single quote (SQL Injection sanitation) [duplicate]

Posted on August 3, 2018 by I'm here for Winter Hats

This question already has an answer here:

How to defeat doubling up apostrophes to create SQLi attack?

3 answers

Let’s sa… Continue reading Replacing single quote with double single quote (SQL Injection sanitation) [duplicate]→

HTML Form to PDF vulnerabilities

Posted on July 25, 2018 by mang

I have a form where the user inputs data. On the back end, I’m taking some of that data and embedding it into a PDF using ActiveReports and displaying it back to the user and also saving a copy on our server.

Using C# and A… Continue reading HTML Form to PDF vulnerabilities→

Veracode still reports OS command injection issue after I have applied the solution as recommendations from OWAPS and Roslyn Security Guard [on hold]

Posted on July 24, 2018 by RDeveloper

Current code in my project is shown below and Veracode reports there is an OS command injection

filename = Regex.Replace(filename, “[^a-zA-Z0-9_]”, “_”) & “.svg”

ProcessStartInfo startInfo = default(ProcessStartInfo);
… Continue reading Veracode still reports OS command injection issue after I have applied the solution as recommendations from OWAPS and Roslyn Security Guard [on hold]→

Insecure Deserialization in C# (.NET) – How to identify and test

Posted on July 11, 2018 by Ogglas

I have been reading up on Insecure Deserialization and how it can affect Java applications.

https://owasp.org/index.php/Top_10-2017_A8-Insecure_Deserialization

If the captured traffic data include the following patterns it… Continue reading Insecure Deserialization in C# (.NET) – How to identify and test→

Secure MVVM Login System ?

Posted on July 3, 2018 by Pielroja

So what is the securest way of creating a login system with holding data of the user logged in?

I want to learn MVVM and I also want to do a Login System.

First Problem / Question

Should I create a LoginModel just for the … Continue reading Secure MVVM Login System ?→

Quick look your right eyes and ears while using public WiFi network

Posted on July 2, 2018 by Waqas

By Waqas
Research has revealed that public WiFi networks are more dangerous
This is a post from HackRead.com Read the original post: Quick look your right eyes and ears while using public WiFi network
Continue reading Quick look your right eyes and ears while using public WiFi network→