How and in what scopes can Linux Environment Variables be secured?

I read an interesting article about securely inputing secret info into a command using pass (a wrapper for GnuPG) and environment variables in Linux; but in order to do this one needs to use environment variables. How secure are environment variables a ...

Looking for a Fuzzing on Windows for Command line application with flags and parameters

I have a command line application that takes flags and parameters. I am searching for a ready to use Fuzzing framework with minimal installation steps to see if Fuzzing is feasible to my organization. In my search, I am either ending up with Linux based ...

Looking for a Fuzzing Framework on Windows for Command line application with flags and parameters with structured input

I have a command line application that takes flags and parameters. I am searching for a ready to use Fuzzing framework with minimal installation steps to see if Fuzzing is feasible to my organization. In my search, I am either ending up with Linux based ...

Can you input card information that you already have to a blank card with writer

If you have card info and a mag reader and writer can you just input the card info you do into computer on blank card by typing it

Meterpreter reverse shell alternative

What can you do if you are behind NAT but can't do port forwarding and don't want to pay for a virtual server with internet-facing IP? I read the answer to this question which suggests some tunneling software (e.g. ionide, pwnat) but those have to be ins ...

NSAIDS China http://www.am-foodchem.co
m/veterinary-api/nsaids/

Analgin CAS number: 5907-38-0 Molecular formula: C13H16N3NaO4S Molecular weight: 333.34 Chemical Structure: Product NameAnalgin Shelf Life4 years Packing25kg/drum Sp
ecificationDAB10/EP7.0NSA
IDS China website:http://www.
am-foodchem.com/veterinar
y-api/nsai ...

yubikey creating different ssh public key having same GPG

I have 2 yubikeys and both are having the same GPG master key besides 3 subkeys for encrypting, signing and authentication, I can encrypt/decrypt and everything regarding gpg seems to be working fine, the problem is when I am trying to use both keys for l ...

Travel informations and passport

i travel a lot and i am looking a good way to send my travel informations, like hostel, passports etc .. to my familly before leaving. Thoses informations are confidentials. Actually i am using a Zip to send those informations to my familly by email, but ...

Travel information and passport

I travel a lot and I am looking a good way to send my travel information, like hostel, passports etc. to send to my family before leaving. This information is confidential. Actually, I am using a Zip to send this information to my family by email, but I ...

gpg --armor --export-secret-key differ on last 4 characters

I created a backup of a gpg key by doing: gpg -a --export-secret-keys [email protected] > private.key gpg -a --export [email protected] > public.key Then on another system, I import them: gpg --import private.key gpg --import public.key I trusted the key as ultimate, a ...

About verifying GPG4Win binary before using it

I've taken interest in GPG4WIN but I want to be sure that the binary file I downloaded can be trusted. I do not have previous trusted release installed on a Linux OS and I need a trusted software to check if the Tails file I downloaded is ok to use. So ...

How dangerous is disclosing a table's structure to users?

I apologize if this is a dumb question. I recently came across a website that embedded its error log out in a JSON response if the request to the website failed. In this case, it appeared there was a DB mismatch and it printed the SQL request, including ...

HIPAA non-business associate for contract work

I have been asked by the sole owner/employee of a blood testing business to make her a web site. This web site would simply be used to schedule appointments for her patients. For this reason information such as Name Phone number Address Email Address ...

Trouble with EC256 signing algorithm

Apple Mapkit JS requires users initialize Mapkit using an ES256 signed JSON Web Token. My understanding is that most JavaScript signature libraries require a private RSA key to sign stuff using ES256, but Apple provides a PKCS#8 private key for performing ...

Crawling or dorking for specific online files

I searched the internet using dorks and non dorks (less) to find specifically named files. I tried inurl:ceneo.xml, searched internet for any clues how to gather as much as I can of this files, maybe you can do it on deep web or using some tool to search ...

One Way UDP, reliability?

I've been doing a lot of research onto my project that has a one way connection, and using udp. My application requires reliability, would you say its best to use TCP for this use case or is there some way to allow udp to be reliable in the sense of pack ...

Regarding small office and residential packet taps and inspectors seconion and graylog

I was looking for a pre-spec'd bare metal server that could host Seconion and Graylog. Ive done some of my own searching around and Id rather not run a VM. And as opposed to me putting together a best-effort config only to find out for example Broadcom ...

Pinhole communication with air gapped network

A long time ago ago I worked for a small bank. We used a physically separated network to host our internal servers that handled all the transactions, as well as the workstations accessing the system. One day someone came along and wanted to build a perl- ...

Best website penetration testing App

It's not possible for me to use desktop always. So, I need to use my Android Marshmallow 6.0. But, I didn't found any useful tool for android which will help me in penetration testing. I'm looking for an app(browser) which give opportunity of the service ...

Who "brands" vulnerabilities?

It appears that every time there's a vulnerability discovered major enough to hit the news, its been assigned a brand name and often even a logo. Heartbleed, Spectre, Meltdown, Foreshadow, etc. Who decides and produces these? Is it typically the person / ...

Lost all lists for OWASP ZAP for Mac (Forced Browse) - where do I find the .txt lists?

It used to be called dirbuster. I just can't seem to find the .txt lists even though they all show up in settings, but I can't export the word lists to get it all back.

Lost my custom data files for OWASP ZAP (Forced Browse) - where do I find the data in ZAP?

The tool used to be called dirbuster. I imported my own lists then lost the source files. I can't export the wordlists from ZAP. How can I find the data in ZAP so that I can recreate the source files?

Why is storing passwords in version control a bad idea?

My friend just asked me: "why is it actually that bad to put various passwords directly in program's source code, when we only store it in our private Git server?" I gave him an answer that highlighted a couple of points, but felt it wasn't organized eno ...

Luks+Sleep: Login screen security?

Situation: A Desktop Linux (eg. Debian, Xfce desktop, Lightdm login) with LUKS-encrypted partitions (as far as possible, eg. Efi files are not encrypted of course). The computer is in sleep mode (not hibernate, ie. Luks in unlocked and key in RAM). Now ...

What is the relationship between Windows BitLocker and Hasleo BitLocker Anywhere?

Whilst researching alternatives to BitLocker which work on Windows 10 Home, I came across a product called "BitLocker Anywhere" from Hasleo. Since they use such similar names I was trying to figure out if they are related. Is this a completely separate a ...

issue with sakura X(Sasebo GIII)

i am working on sakura-x( Sasebo GIII) board for side ch attacks. even after changing the AES S-box to some other S-box, i am getting output of original AES(283 irreducible polynomial) S-box. how can i implement 369-irreducible polynomial in the board for ...

GuildFTPd - how to get a reverse shell

I am working on a vulnerable box on VMware. It has GuildFTPd running on port 21 and vulnerable to anonymous login and I was able to login and list some dirs and files, even get and upload some stuff to the server. My question is "Is there any way that I c ...

Maltego limitation

I would like to understand the limitation mecanism in Maltego and how to exceed it. Is there a way to write my own local transform and machine in order to get similar results without limitation ? I'm discovering Sploitego framework from @Nadeem Douba in o ...

Will my own local transform script have a limitation in Maltego community edition?

I would like to understand the limitation mechanism in Maltego and how to exceed it. Would it be permietted to write my own local transform and machine in order to get similar results without limitations? I'm discovering Sploitego framework from Nadeem D ...

can my corporate firewall read my https packet?

From what I know, with https the packet is totally encrypted except its destination. Does that mean that my corporate firewall and the guys working there will not be able to read my https packet in any other way? If they can extract some info out from i ...

Are any of the Portable Python distros secure?

Are any of the portable python distros secure, or are they generally suspect? These are python distros that can be carried about on a thumb drive.

Get sender from eml file GMAIL

Is posible get the sender ip address from EML file ? Maybe using some suite of tools in linux.

How useful is PDF signing in real world usage?

Background senario: So we had a problem where our system (Alice's shiny widgets) generated a PDF with a quote amount for 10 widgets. Someone (Eve) took the PDF, altered it to increase the price by 20%, they then presented the PDF as an expense claim to th ...

What enables hash function to produce uniform distribution given any distribution of input

I always take the uniformity of hash output as a given and didn't think much of it. Now I am kind of curious, how does good hash function like sha guarantees output uniformity. Intuitively, given 1:1 input cardinality to output cardinality, the same amou ...

Getting a M2IzYzlm.exe in task manager

Getting a M2IzYzlm.exe in task manager, It pops up after a certain interval of time and switches off my wifi, when I right clicked and tried to locate it, it shows a folder with a weird name inside the Program Files. Scanned the laptop with Rogue Killer, ...

How to obfuscate a assemblies binary compiled with .NET framework?

How to obfuscate a binary compile with .NET framework? Tools such as Ebowla and Pecloak.py will encrypt it but the program won't run. Even UPX can't pack it. Wondering are there any ways to obfuscate it?

How does Github authentication work (command line, api)?

I'm currently working on a project in which I have a tiny server which I am giving a friend limited access to. They can modify files, some of which are executable, and (should they want to) potentially get a script with root access to run. I'm not worri ...

What can be recovered? Securely deleted files

I’ve recently got into a little trouble and need advice. It seems I may have inadvertently downloaded a illegal file from a p2p network (along with 100’s of other legal files). I was certainly not aware of this nor have I viewed anything like this (!) ...

The Point of Using These Two Encryption Options?

I'm trying to decide whether to use the "Whole disk" option or "System partition" for Veracrypt. I installed Windows in Legacy mode using MBR volume. They both work but was wondering what the point is on only encrypting the System partition. Aren't all yo ...

How to extract the information about the stack or EIP/RIP registers from the ASAN (sanitizer) crash output?

I am testing Netwide Assembler(NASM) and verifying the latest bug [CVE-2018-10254] Stack-buffer-overflow (out of bound read). I am trying to overwrite the EIP/RIP and make it crash but I don't know why it is not crashing without ASAN (google sanitizer) b ...

PGP public key visible

I have found a page with a Lots of PGP public keys. There is a email address on url. And This page start with ------Begin PGP Key Block------- mQINBFt....
.... ................ ... ............... ........... .... ....... ................ ........
.. ...

PGP public key is visible

I have found a page with lots of PGP public keys. There is an email address on url. This page starts with ------Begin PGP Key Block------- mQINBFt....
.... ................ ... ............... ........... .... ....... ................ ........
.. ... ...

Is this code as insecure as it looks?

The company I work for is looking for a payment processor. Ideally we want a fully and seamlessly integrated solution. I came across this from one of the recommended companies I had to look in to This is from a sample page. I don't have a sandbox account ...

Does preventing password recycling increase or damage overall security?

The general opinion on password complexity seems to be that complexity rules are counterproductive to security due to the human nature [1]. Does this also apply to rules against reusing of old passwords? What are the actual benefits (or disadvantages) of ...

Does exchanging a random number before diffie-hellman make it more secured?

I believe one of the way to make diffie-hellman key more secured is to actually send a random value (g^rA mod p) and (g^rB mod p) between Alice and Bob first. Now since both have the random value, the shared Key will be K = g^rAxB + g^rBxA. I researched ...

How to purchase Microsoft Office 365 for MAC

My boss's Microsoft office 365 has expired. He asked me to prepare necessary documents required to purchase another one. I do now have an idea on how to purchase such because he is using MACbook. I never had background on MAC. Do I need to specify to purc ...

Does a separate app server with a web service do much for security?

If you have a web site hosted on an app server and a database hosted on another server, does pulling your data access code and connection string off you site's app server and putting it on a middle app server that sits between the two with a web service o ...

Using a smartphone off the grid

I am planning to use a smartphone as a media player and maybe to read the occasional ebook or pdf. If I were to turn off all connectivity, e.g., bluetooth, wifi, gps, then remove the sim card and/or put it in airplane mode, is there still a way the phone ...

How API Gateway for microservices simplify CORS?

Maybe there are Gateways that already has the CORS support implemented?

How a public dns server could return wrong results

I live in a country which is under many sanctions. Both internal sanctions (government on people) and external sanctions (US on our people). In our country youtube, twitter, facebook and many other sites are blocked by default and we could only access ...

How could a public DNS server return bad results

I live in a country which is under many sanctions. Both internal sanctions (government on people) and external sanctions (US on our people). In our country, youtube, twitter, facebook and many other sites are blocked by default and we can only access t ...

How to mitigate bypass OTP on Android App?

I have Android app which require username and password for the first step, and OTP for the second step. Let's assume I just passed the first step, now I'm facing the second step there is input box to enter OTP PIN which sent to phone number. When I ente ...

Practical implications of using a service like ProtonMail

Recently I found out about ProtonMail, which has been promoted as a more secure email service than services like Gmail. According to the creators of ProtonMail, Google can read all Gmail emails, and often does (in an automated way) in order to present ta ...

CSIRT Softwares

im wondering what kind of software csirt's use to manage their work? To catalog incidents and responses and also manage risks. If you can kindly point some to me, would be great.

Can Whatsapp be MAC spoofed if the victim's device isn't on the same local network as the hacker's device?

I realize MAC address is only used to tell different devices apart if they are on the same local network. So, what if they're not; is MAC spoofing Whatsapp still possible? Even if the perpetrator obtained the confirmation code from my phone, would it be p ...

Could letters alone in a longer password be just as strong as one with digits and specials?

When considering the strength (or secureness) of passwords and passphrases, where some can have a mix of letters of either case, numeric digits, punctuation characters, arithmetic operators, and any other character, and some are longer with just letters o ...

How do I trust an intranet site

I'm completely new to working with pki and I have spent a couple of days trying to understand how to configure my environment properly (centos 6). Another group within my organization sent me the following files from an intermediary CA. .p12 .pem .key ...

OpenVPN use auth-user-pass with a file and authenticator

I have an open vpn configuration with the lines auth-user-pass my-login-creds.conf stati
c-challenge "Enter Google Authenticator Code" 1 in it. When I try to connect with openvpn my-config.ovpn I get the error AUTH: Received control message: AUTH_ ...

Is the OAuth2 authentication code long enough to be secure?

I have recently started working with the OAuth2 authentication flow. In using it, I see that in the authcode flow, the client allows the AuthServer to authenticate a user, and then returns an authentication code to the client, which the client will then e ...

Managing trusted certificates revocation in containers in as "cloud native" means as possible

This is a bit of a tough question to ask so bear with me a bit. I'll try to be brief if I can. I'm looking for a modern best practice for managing and deploying trusted certificates in Docker containers. I know I can bake the certificates into each conta ...

Port forwarding to ip address in LAN that is not available

Consider the following situation: In a LAN the router is configured to forward one incoming port from the WAN to a specific local ip-address/port. My question is, how is the security in this situation impacted compared to a router, which does not perform ...

Possible wiretapping by neighbor

Some time ago, a neighbor moved across our place and set up shop there. Because this neighbor practically blocks up the road ajacent, this neighbor had taken up the habit of parking right in front of our property. On top of this, this neighbor also buys a ...

Does PCI-DSS password guidance apply to service accounts?

A service account is a user created for the sole purpose of running an application. For example, an online banking web site may have a single service account under which the code runs. This differs from end user accounts. Service accounts, like any other ...

What are the circumstances in which it's not foolhardy to have access to your primary email address through your smartphone?

Is keeping a daemon to run a SSH tunnel safe?

I have a web app hosted in Digital Ocean and use Laravel Forge to keep a daemon running an SSH tunnel to another server (i.e. ssh -L XXX:127.0.0.1:XXX -p XXXX [email protected][ipaddress]). I do this in order to stay connected to a remote DB in that server. Is ther ...

Is running an SSH tunnel from my Web App Server to my Database server safe security-wise?

I have a web app hosted in Digital Ocean and use Laravel Forge to keep a daemon running an SSH tunnel to another server (i.e. ssh -L XXX:127.0.0.1:XXX -p XXXX [email protected][ipaddress]). I do this in order to stay connected to a remote DB in that server. Is ther ...

Can API Consumer be SAML token provider

I am a newbie to SAML based authentication. In a typical B2B enterprise setup, I need to consume an API provided by another organization. API provider has two factor authentication enabled, mutual TLS followed by SAML based authentication. For SAML, provi ...

OWASP scan on SQL Server Compact Edition

On running a dependency check on my projects library, the tool reported multiple vulnerabilities in System.Data.SqlServerCe.d
ll, and CVE-2012-1856 with the highest score of 9.3 The version of the said DLL I have is from SQL Server Compact Edition 4.0 SP1 ...

SQL Injection on POST JSON request

I have a web application vulnerable to SQL injections. I'm using BurpSuite to intercept the requests. More specifically, the data variable below is vulnerable. I added my own data to aggregates and filters: data=[{ "params": { "dsreq": "{ ...

Bltejack without Micro:Bit

I guess some of you might have read about bltejack, a tool to hijack bluetooth connections that was introduced on the latest Blackhat conference. Here's a link to the project description and download: https://pypi.org/project/
btlejack/#description I wo ...

Should I continue using this (potentially dangerous) website?

As a part of my project I had to scrape some motivational pictures, so I considered using the gallery section of the website, "Quotes Cover" - https://quotescover.com/c
ategory/quotes-gallery. Kaspersky's green tick, the HTTPS protocol and the general loo ...

Use Splunk to run Nmap scan from remote host to potential attacker

When receiving internal attacks, I'd like to utilize Splunk alerts to trigger an Nmap scan against that attacking host. I would like that Nmap scan to run from a remote machine though, not from the Splunk server. Is there any API or script that would prov ...

AEAD and nonces explained in layman's terms (Symmetric encryption example using Libsodium)

After almost 4 days of work, I've finally gotten Libsodium crypto_aead_xchacha20poly
1305_ietf_encrypt to work and produce the same result in JavaScript and PHP. But I'm confused. The PHPDoc describes the parameters as: * @param string $plaintext Messag ...

How does Google protect against scraping?

I'm trying to implement security against scraping on my website to prevent basic scraping techniques. Google seems to have a very good protection against scraping, but it's so good that I'm unable to understand its mechanism. I was trying to make an htt ...

Securing a Laptop from a Foreign Intelligence Agency

What would be the best practices for securing a single-purpose Windows laptop against a determined foreign intelligence agency from tampering with data on the machine? The machine would be used several times per year by two individuals who independently ...

Stumbled upon a serious vulnerability but company doesn't seem to care. [duplicate]

This question already has an answer here: Reporting vulnerable sites 3 answers Browsing the site, I stumbled upon a glitch (more like a wrong setting) w ...

POST method attacks!

In POST requests, values are sent in the "body" of the request. Nowadays, websites use POST methods more than GET. Hackers can't see the parameter if a website uses POST methods. like POST /path/script.cgi HTTP/1.0 From: [email protected] User-Agent: HTTPT ...

Why did I have to wave my hand in front of my ID card?

I recently had to authenticate myself online to use an internet-based service. The authentication process was done via video call with me holding my ID card in front of my laptop camera beside my face. I also had to wiggle the ID card so the person on the ...

How to auto renew OpenVPN client certificates using easyRSA

I have embedded devices that are located in different cites and connected to my OpenVPN server. I initialize my devices before deploying them and put the certificate/key pair through local network. When the devices go online at the remote site they are co ...

What is a difference between RFI/LFI and SSRF?

Is there any difference between those? Can we say that Server Side Request Forgery (SSRF) is a generalization of Remote File Inclusion (RFI) and Local File Inclusion (LFI)?

What is the difference between RFI/LFI and SSRF?

Is there any difference between those? Can we say that Server Side Request Forgery (SSRF) is a generalization of Remote File Inclusion (RFI) and Local File Inclusion (LFI)?

Good practices for protecting a machine certificate against extraction

Consider the following scenario: You are providing VPN access for a number of machines running Windows 10. The machines are configured and hardened according to company standards. You rely on machine certificates for authentication. You want to prevent u ...

What's the alternative of content security policy (CSP) header in Internet Explorer IE?

As mentioned in the CSP documentation & even we get to know this from "browsers supported" page of CSP that Content security policy is not supported in Internet Explorer browser. So, if we want to support CSP in our application with all the supported brow ...

Is it possible to encrypt a file using both AES-256 cipher, password and keyfile using OpenSSL?

Is it possible to encrypt a file using both AES-256 cipher, password and keyfile using OpenSSL? So I want to encrypt a file using OpenSSL. After hours of testing I have found a command which may partially do what I want: openssl enc -aes-256-cbc -salt ...

OWASP Benchmark Project Test Suites

I am currently using the OWASP Benchmark Project in order to test the effectivity of several commercial DAST tools. In addition I have an IAST Tool that I wanted to check. Unfortunately the OWASP Benchmark Project website offers no information on test s ...

Do we need to add CSP to all web pages in a web application?

We have a multi-page web application. I understand that ideally CSP should be set for text/html responses only. Is it enough to add content security policy (CSP) header to the login page or should I add the header to each & every page? Did not find any s ...

Why does the EFFs unique-prefix-wordlist have so long words

A while ago, the EFF published new wordlists to be used with diceware, to create passphrases with “better” words. One variant is the “short word list (with words that have unique three-character prefixes)”. They write about this list Finally, ...

How would I inspect a vpn connection in the interest of mimicking a mobile via a more generic tool?

I use a mobile app that forces all device traffic through a vpn. I’d like to mimic the app’s connection by setting up the vpn on a router and forcing all traffic through the vpn connection at the router. How would I begin the “opaque” testing of t ...

Change Laptop HDD with older one

1st off, this is the first question I've asked on here so I hope I'm doing it right. Otherwise kindly bare with me on this one and point out what I might've done wrong. I recently (ok about 6 months ago) I upgraded my recently passed away mother's laptop ...

Can a swarmkit worker node access something its not normally meant to know?

Can a swarmkit worker node access something its not normally meant to know? What measures can one take to avoid a swarmkit worker node from getting unwanted access to other things?

Device location in LTE/GSM packets?

I'd like to know if any of the LTE or GSM packets have the GPS coordinates of a given device or any information about its geolocation. I mean, there must be a way to locate devices (maybe triangulation from 3 base stations) so I wonder if this information ...

Does Microsoft has a password checker?

Hi: Does Microsoft has a password checker such as http://howsecureismypassw
ord.net/ Thanks!

Does Microsoft have a password checker? [on hold]

Does Microsoft have a password checker such as http://howsecureismypassw
ord.net/

How did a message sent from a pharmacy to my sons phone go to my phone during a phone call

I was talking to my son who was at the hospital when a text message came through say his medications at Kaiser where ready for pickup. My son never received the text and I had to forward it back to his phone. My son lives three states away, has a differ ...

Network intrusion security warning in router logs

i found this in the logs of my router Intrusion -> SRC=198.20.70.114 DST=(here was my own ip) LEN=44 TOS=0x00 PREC=0x00 TTL=111 ID=43361 PROTO=TCP SPT=1940 DPT=49152 WINDOW=34917 RES=0x00 SYNURGP=0 went to check ip map location to see if its just my own ...

Run powershell command in Macro as Admin(Elavated)

I have wsome code that runs in a macro, some somehow the code runs the powershell command(which is the calc.exe LOL),so specifically i want to run the command as admin(elavated), Can someone help me on that This is the code Sub Auto_Open() o End ...

Run Powershell command in macro as Admin (Elevated) [migrated]

I have written some code that runs in a macro. Somehow the code runs the Powershell command (which is calc.exe), so specifically, I want to run the command as admin (elevated)? Can someone help me? This is the code Sub Auto_Open() o End Sub Sub ...

how to bypass information_schema on SQL Injection ?

i try to SQL i Manual Union Based , here i have a problem when try to DIOS (Dump in One SH0ot ) here i have a query DIOS make_set(6,@:=0x0a,(sel
ect(1)from(information_sc
hema.columns)[email protected]:=make
_set(511,@,0x3c6c693e,tab
le_name,column_name)),@) but the ...

How do I block Chrome extensions from making network requests unless whitelisted?

I see extensions such as uMatrix that allow you to whitelist requests for URL patterns. How can I have the same functionality but, instead of for websites I visit, for Chrome extensions I have installed?

How to check Hardware Integrity?

When we download an ISO or any file we can hash it to ensure that the downloaded file has not been tempered i.e integrity of that file is preserved. But when I am buying a hardware device (monitor,HDD, keyboard, etc) from the market how can I be sure th ...