Collaborate Disseminate
How do hackers place a RAT or Trojan on the target’s computer without downloading the files to the target computer, just by clicking on a link? Or can they take over the target’s computer by opening a file in the browser without downloadin… Continue reading How are hackers able to hack a target without installing malware? [duplicate]
Can the hijacked browser’s history and saved information be viewed?
Is it possible to create a backdoor in the browser? In other words, can it be secretly redirected to any site or downloaded and opened any file without the knowledge of t… Continue reading How can the Beef Tool be used? [closed]
Can the hijacked browser’s history and saved information be viewed?
Is it possible to create a backdoor in the browser? In other words, can it be secretly redirected to any site or downloaded and opened any file without the knowledge of t… Continue reading How can the Beef Tool be used? [closed]
I am currently working on an open source project to securely store notes, payment card numbers, etc. I would like to implement a zero knowledge encryption method so that no one but the user can decrypt this data.
Unfortunately, I am stuck … Continue reading Securely storing derived key in web app and handling user identity
Screen resolution can be a key aspect in browser fingerprinting; and also installed browser extensions;
Why screen resolution isnt needed at the server:
As a web developer, my SERVER never need to know the screen resolution;
In fact, the s… Continue reading How can I prevent the browser(s) from revealing screen resolution and plugin list? [migrated]
I’m trying to perform a brute-force attack using Hydra on http://testphp.vulnweb.com/login.php. The login credentials are "test" and "test" for both the login ID and password. Despite using the correct credentials it’s … Continue reading Hydra 0 valid passwords found despite correct credentials
Clickjacking is still very possible in 2024, because iframe embedding is allowed by default. Why is this the case?
In 2013 there was a question about why iframes exist at all (Why are iframes allowed at all in modern browsers?), which is o… Continue reading Why are iframes allowed by default?
Every month I’m reading about some zero-day vulnerability being exploited in Google Chrome. I’d like to roughly compare the situation with Firefox in some objective way. It’s ok if it does not fully capture everything (undisclosed vulnerab… Continue reading How can I get a count of high risk vulnerabilities of web browsers? [closed]
A great many websites leave "web workers" running in the background even after you’ve left their website and closed the browser tab.
I’m told that the only way to kill them all is to clear my cookies. But what would be inconvenie… Continue reading How to stop all web-workers? They’re draining my battery [migrated]
For software that process untrusted data and have an option to use hardware acceleration, does enabling hardware acceleration increase the attack surface of the software? Examples of situations where typical software process untrusted data… Continue reading Does enabling hardware acceleration increase the attack surface of software?