On the gains and losses of an additional client side stretching of the user password

Picture a state of the art implementation of a website registration and login system.
I’m interested in analyzing what a defender gains and loses by feeding the user password to a key-stretching KDF function (e.g. argon2).
Let’s start from… Continue reading On the gains and losses of an additional client side stretching of the user password

On the gains and losses of an additional client side stretching of the user password

Picture a state of the art implementation of a website registration and login system.
I’m interested in analyzing what a defender gains and loses by feeding the user password to a key-stretching KDF function (e.g. argon2).
Let’s start from… Continue reading On the gains and losses of an additional client side stretching of the user password

Can packets on one home wifi network be sniffed by a computer on a different home wifi network?

It seems that every question I’ve researched on this topic makes the general statement "on my home wifi network" which doesn’t specifically address my question.
I’m about to start a new job working remotely at home using a laptop… Continue reading Can packets on one home wifi network be sniffed by a computer on a different home wifi network?

Exporting Data from Old Gear Through LCD Sniffing

Photo of the spectrophotometer in question, with a screenshot of the decoding software on the right

[Jure Spiler] was at a flea market and got himself a spectrophotometer — a device that measures absorbance and transmittance of light at different wavelengths. This particular model seems to …read more Continue reading Exporting Data from Old Gear Through LCD Sniffing

Is There an MITMf ScreenShotter plugin for modern tools like bettercap?

I am looking for a plugin like the ScreenShotter , which is capable of capturing a screen shot of other local network connected devices opened browsers pages using html5 canvas
A demo of ScreenShotter working
I am also unable to verify tha… Continue reading Is There an MITMf ScreenShotter plugin for modern tools like bettercap?

How network segmentation affects network monitoring/MITM and interconnectivity of devices

How does network segmentation affect network packet sniffing, man-in-the-middle attacks and interconnectivity of devices? I am mainly interested in understanding the possibilities of network malware or a "packet sniffing" hacker…. Continue reading How network segmentation affects network monitoring/MITM and interconnectivity of devices

Is authentication through mail clients safe when encryption is off?

When adding an account on a mail client, the SSL/TLS is usually turned off and the encryption method is ‘none’ (see Outlook example below).

Is the password safely sent through the internet when authenticating using the default settings?
I… Continue reading Is authentication through mail clients safe when encryption is off?