Collaborate Disseminate
I was looking into spoofing a user agent but all that has come up so far is spoofing the browser type. However I can still see what kind of device I am using (tbh I’m not really even sure why someone would want to spoof the b… Continue reading Can I spoof my user agent so that the type of device I’m using doesn’t show up?
Suppose I find a library at https://github.com/someorg/somelib. I go onto NuGet and find the “same” library somelib.
Can I tell if the github source (or some version of it) matches what I am actually downloading from NuGet?
… Continue reading Github vs. Nuget source code
I have searched google for an answer to my question and can’t seem to find one. Maybe you can help me out. Is it possible to use somebody else’s IP addresses to post on a forum with? I am a moderator of a health website where… Continue reading Is it possible for a single user to route connections through several IP addresses?
I have searched google for an answer to my question and can’t seem to find one. Maybe you can help me out. Is it possible to use somebody else’s IP addresses to post on a forum with? I am a moderator of a health website where… Continue reading Is it possible for a single user to route connections through several IP addresses?
If my phone number is (212)555-1212 and Bob spoofs my number vias SMS to Alice, will Alice’s reply be sent to Bob, me or both?
EDIT: The concern is that the spoof prompts Alice to disclose information that Bob should not ha… Continue reading Reply to a spoofed SMS message
I’m looking for information on scams that target GMail users. I believe I found an article that discusses the attack in the context of bank fraud at Warning over text message scam that allowed ‘smishing’ fraudsters to steal £70,000 from pr… Continue reading Shmishing scam that targets Gmail access
I have seen some answers to questions on here from last year (@Sirens) about how fake iMessages can be created but I am looking to understand more about how the fake apple imessages can be inserted into a historical timeline … Continue reading iMessage spoofing
Yes, I know that after giving an SSH public key to someone else, one should always assume that it might have been swiftly published somewhere. (For instance, give your SSH public key to GitHub, and GitHub will publish it. E.g… Continue reading Can a malicious SSH server successfully *pretend* to know a client’s public key?
It’s there a way to bypass https (using mitm attacks) on browsers like chrome, firefox, etc?
I know it could be done in some way, exploiting the NTP port, but we need the interaction of the victim. And for this interaction t… Continue reading It’s there a way to bypass https nowadays?
Given the ubiquitous use of third party authentication providers in web apps today, how can end-users verify the authenticity of the login forms that collect their credentials? What’s to stop a malicious website from displayi… Continue reading How can an end-user verify the authenticity of a third-party authentication provider’s login form