Collaborate Disseminate
Despite using a VPN, an application natively running on an Android device can get lots of information about its host (like hardware IDs or sim card information) which defeats the whole point of using a VPN with the purpose of anonymizing y… Continue reading What are some ways to prevent an application from getting a device "fingerprint"? [migrated]
Does YouTube and or Google use browser fingerprinting? For instance using JavaScript to test various characteristics of the browser like how the canvas looks the fonts installed webtl data etc to create a unique hash to identify a user wit… Continue reading Google & YouTube Browser Fingerprinting [closed]
Let us assume that we have a public API, for example, company.com/publicEndpoint, that can accept requests from any source. Various websites, like foo.com and bar.com, use JavaScripts that call this endpoint to retrieve a list of strings, … Continue reading Is there any secure way to make sure that a request comes from a browser and via a specific domain (by just using frontend)?
I worked for a company where our TLS Private Key was accidentally leaked to the Internet and it was a big mess. The strategy the security team came up for avoiding this in the future was "be more careful who you trust with access to t… Continue reading TLS Private Key Secured with Hardware Fingerprint
I’m building a simple CLI password manager. My current version uses getpass to securely read the master password in the shell which will be used to decrypt a stored password and copy it to your clipboard.
Since I’m using a Mac I thought it… Continue reading How to build a simple but secure password manager using a fingerprint sensor [migrated]
During my work day, I came upon a website that had a popup that identified the company I work for(basically saying "contact us X company"). This website was never previously visited, cookies were blocked and the company I work fo… Continue reading How can websites fingerprint the company I work for?
How do you hide your browser finger print from advertising networks without disabling javascript?
Is there a browser extension that can help mask unique browser fingerprint? Browser finger print can be things like available system fonts, g… Continue reading How do you hide your browser advertising fingerprint?
If I took a picture with my mobile phone and wanted to publish that photo without any artefacts connect to me, the first thing I would do is strip all of the image metadata with ‘exiftool’:
exiftool -all= IMG_1234.JPG
… but it is well un… Continue reading Possible to avoid device fingerprinting with imagemagick?
I know all baseline steps to do DNS enumeration over a domain. But my questions is: how can I enumerate a server when I do not know which domain it is managing and I only have its IP address?
My scenario: I discovered 2 DNS servers running… Continue reading DNS Enumeration by IP Address
I run a small agency managing numerous Google accounts and am trying to determine the best route for managing/hiding fingerprints on mobile from Google, outside of good dedicated proxies (which I already have/use).
I want to be able to log… Continue reading Limiting Mobile Fingerprints For Google?