public marks

PUBLIC MARKS with tag security

April 2018

HACK - VIDEO - Applied Hacking channel - Samy Kamkar - YouTube

by decembre
SITE: https://samy.pl/ Applied Hacking channel. I'm releasing original research, tools and videos around hacking, technology and security - typically around reverse engineering, coding, software, hardware, radio, electronics, fabrication and physical security (as in physical lock picking, not as in flying karate chops). Full source code, schematics, 3D models, and documentation will often be provided, and I'll go step by step into many of these projects so you can follow along, and build even better things! If I don't forget, I'll also explain how to protect yourself from such attacks and methods to improve security.

March 2018

HACK - OTP (One Time Password) - Receive SMS Online

by decembre (via)
Found by: https://drfone.wondershare.com/message/receive-message-online.html This website can be useful if you want to protect your privacy by keeping your real phone number to yourself. How To Use?: Here you will find some numbers, just use one with your online registrations, and the inbound messages will show up on this site within seconds. I use it for GitHub with success!

HACK - How To Bypass OTP (One Time Password) Verification On Any Website/App - Good explanations but sites provided not usable (TESTED) __ Viral Hax

by decembre (via)
Actually guys Bypass OTP Verification not possible. But you can bypass anyOTP verification without using your our mobile, so in this article we provide you a method for Bypass OTP Verification by using any other Fake mobile phone number. You will get a Fake mobile number to get OTP (One Time Password) code and enter it in website or any app: Here a list of some websites who provides you online free fake mobile phone numbers for verification OTP (One Time Password) for any country like (Usa, UK, Japan, etc..) and we are able to receive OTP (One Time Password) and also see any message on that number like email.

February 2018

Validating Leaked Passwords with k-Anonymity

by srcmax
Today, v2 of Pwned Passwords was released as part of the Have I Been Pwned service offered by Troy Hunt. Containing over half a billion real world leaked passwords, this database provides a vital tool for correcting the course of how the industry combats modern threats against password security.

January 2018

December 2017

sonarwhal

by dzc
a linting tool for the web: accessibility, speed, security, and more (best practices and common errors)

November 2017

FIR - ABOUT:CONFIG - Overview of Firefox's about:config security and privacy preferences | gHacks Technology News

by decembre
- dom.allow_scripts_to_close_windows Defines whether scripts can close windows in the browser. True: Scripts may close any window. False: Scripts may only close windows opened by scripts. (default) - dom.disable_image_src_set Determines whether JavaScript is allowed to manipulate images displayed in the browser. True: Scripts are allowed to change images. False: Scripts are not allowed (default) _ dom.event.clipboardevents.enabled Determines whether websites are allowed to access clipboard contents (check out: Block websites from reading or modifying Clipboard contents in Firefox for additional information). True: Websites may read or modify clipboard events. (default) False: Blocks access. - dom.event.contextmenu.enabled Determines whether websites are allowed to block access to the right-click context menu. True: Websites may manipulate the context menu. (default) False: Web pages won't be allowed to manipulate or block the context menu. - dom.popup_allowed_events Defines the JavaScript events that are allowed to create popup windows. change click dblclick mouseup reset submit touchend - Determines if location aware browsing is enabled. True: Location Aware browsing is enabled. (default) False: The feature is disabled which means that you won't get prompts on websites using it. - geo.wifi.uri The data provider used to power Firefox's geolocation feature. (Check out how to switch to a Mozilla operated service) https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_API_KEY% - network.http.referer.XOriginPolicy Defines when to set the referrer (the page a visit originated from). 0: Never send it. 1: only send if the base domain matches. 2: only send if hosts match. - plugin.state.flash The default state of the Flash plugin. See How to make sure Firefox plugins never activate again for more information. 0: turns off the Flash plugin in Firefox. 1: sets the Flash plugin to ask to activate. 2: enables the Flash plugin.

FIR 57> - CSP - ABOUT CONFIG - How to enable Firefox WebExtensions on Mozilla websites - Mozilla Firefox 57 - privacy.resistFingerprinting.block_mozAddonManager - TRUE - - FORUM HardWare.fr

by decembre
How to enable Firefox WebExtensions on Mozilla websites (in https://www.ghacks.net/2017/10/27/how-to-enable-firefox-webextensions-on-mozilla-websites/): - Load about:config in the Firefox web browser. - You can run a search for just to make sure it does not exist: privacy.resistFingerprinting.block_mozAddonManager. It does not in the most recent Firefox Nightly builds at the time of writing. - Right-click in the part of the window that lists the preferences, and select New > Boolean from the context menu. - Name the new Boolean value: privacy.resistFingerprinting.block_mozAddonManager. - Set its value to true.

October 2017

September 2017

August 2017

July 2017

May 2017

Let them paste passwords - NCSC Site

by Spone
We think that stopping password pasting (or SPP) is a bad thing that reduces security. We think customers should be allowed to paste their passwords into forms, and that it improves security.

Things to Use Instead of JWT | Kevin Burke

by Spone
You might have heard that you shouldn't be using JWT. That advice is correct - you really shouldn't use it. In general, specifications that allow the attacker to choose the algorithm for negotiation have more problems than ones that don't (see TLS). N libraries need to implement M different encryption and decryption algorithms, and an attacker only needs to find a vulnerability in one of them, or a vulnerability in their combination. JWT has seen both of these errors; unlike TLS, it hasn't already been deployed onto billions of devices around the world.

April 2017

VersionEye - Notification System for Software Packages

by dzc
notifies you about security vulnerabilities, license violations and out-dated dependencies in your Git repositories. Free : 1 private and 4 Open Source Projects

March 2017

Privacy Tools

by wabaus & 2 others
Tools for privacy on devices & across the Internet.

PUBLIC TAGS related to tag security

api +   apple +   authentication +   best practices +   browser +   cloudflare +   coding +   conception web +   crypto +   cyber +   data +   ddos +   docker +   firefox +   github +   google +   hack +   hacking +   hashing +   html5 +   http +   https +   information +   internet +   java +   javascript +   linux +   mot de passe +   oAuth +   online +   password +   passwords +   php +   plugin +   privacy +   readme +   scanner +   secu +   securité +   server +   sms +   sécurité +   software +   ssl +   technology +   tool +   tools +   tracking +   web +   wordpress +  

Active users

decembre
last mark : 29/04/2018 00:50

srcmax
last mark : 07/03/2018 18:23

François Hodierne
last mark : 27/02/2018 14:41

sylvainulg
last mark : 20/01/2018 20:52

dzc
last mark : 19/12/2017 15:36

mfaure
last mark : 16/10/2017 09:18

Spone
last mark : 26/07/2017 22:14

wabaus
last mark : 04/03/2017 16:49