Collaborate Disseminate
I have searched google for an answer to my question and can’t seem to find one. Maybe you can help me out. Is it possible to use somebody else’s IP addresses to post on a forum with? I am a moderator of a health website where… Continue reading Is it possible for a single user to route connections through several IP addresses?
If my phone number is (212)555-1212 and Bob spoofs my number vias SMS to Alice, will Alice’s reply be sent to Bob, me or both?
EDIT: The concern is that the spoof prompts Alice to disclose information that Bob should not ha… Continue reading Reply to a spoofed SMS message
I’m looking for information on scams that target GMail users. I believe I found an article that discusses the attack in the context of bank fraud at Warning over text message scam that allowed ‘smishing’ fraudsters to steal £70,000 from pr… Continue reading Shmishing scam that targets Gmail access
I have seen some answers to questions on here from last year (@Sirens) about how fake iMessages can be created but I am looking to understand more about how the fake apple imessages can be inserted into a historical timeline … Continue reading iMessage spoofing
Yes, I know that after giving an SSH public key to someone else, one should always assume that it might have been swiftly published somewhere. (For instance, give your SSH public key to GitHub, and GitHub will publish it. E.g… Continue reading Can a malicious SSH server successfully *pretend* to know a client’s public key?
It’s there a way to bypass https (using mitm attacks) on browsers like chrome, firefox, etc?
I know it could be done in some way, exploiting the NTP port, but we need the interaction of the victim. And for this interaction t… Continue reading It’s there a way to bypass https nowadays?
Given the ubiquitous use of third party authentication providers in web apps today, how can end-users verify the authenticity of the login forms that collect their credentials? What’s to stop a malicious website from displayi… Continue reading How can an end-user verify the authenticity of a third-party authentication provider’s login form
I know an email was sent using the online service emkei.cz. Is there a way to find out who used that service to send the specific email I received?
I know an email was sent using the online service emkei.cz. Is there a way to find out who used that service to send the specific email I received?
How does one protect themself from a DNS compromised site, which also has had their SSL private key stolen? Short of monitoring which IP the packets are being sent to.
Edit: Or even without the private key, could they not ju… Continue reading Protecting yourself from DNS spoof