HackDig : Dig high-quality web security articles for hacker

Python Sender

Last week I played my first Capture The Flag (CTF) where I really tried solving the challenges for a couple of hours. It was a regular jeopardy style CTF with binaries, web applications and other server ports. I don’t think CTFs are going to be my favourite hobby, as pentesting is similar but just a little bit more real life. However, CTFs are very ni
Publish At:2019-09-19 18:20 | Read:498 | Comments:0 | Tags:Useful scripts Web Penetration Testing CTF http pentesting p

Five Security Tips to Protect Embedded Devices

Embedded devices on enterprise networks make attractive targets for hackers because they provide potential footholds.These systems perform a variety of functions, often involving sensitive data or control of critical systems. Network gear, printers, storage appliances and other equipment generally do not have end-point protection installed, making them an id
Publish At:2016-08-03 13:00 | Read:19678 | Comments:0 | Tags:Featured Articles Security Awareness Embedded devices HTTP n

Why is Passive Mixed Content so serious?

One of the most important tools in web security is Transport Layer Security (TLS). It not only protects sensitive information during transit, but also verifies that the content has not been modified. The user can be confident that content delivered via HTTPS is exactly what the website sent. The user can exchange sensitive information with the website, secur
Publish At:2015-07-31 01:45 | Read:3169 | Comments:0 | Tags:Technical Insight Tools and Applications Vulnerabilities Web

IIS At Risk: The HTTP Protocol Stack Vulnerability

Unpatched versions of Microsoft’s Internet Information Services (IIS) web server are vulnerable to a remote denial of service attack that can prove to be very threatening if set against critical systems. The vulnerability, which was fixed by Microsoft in MS15-034 as part of the April 2015 Patch Tuesday cycle, can trigger the blue screen of death or mor
Publish At:2015-04-22 17:50 | Read:4698 | Comments:0 | Tags:Vulnerabilities HTTP IIS web server Vulnerability

New Firefox version says “might as well” to encrypting all Web traffic

Developers of the Firefox browser have moved one step closer to an Internet that encrypts all the world's traffic with a new feature that can cryptographically protect connections even when servers don't support the HTTPS protocol.Further ReadingInternet architects propose encrypting all the world’s Web trafficNext-gen HTTP calls for default crypto to st
Publish At:2015-04-02 06:15 | Read:3660 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab cryptography e

#HackerKast 13 Bonus Round: FlashFlood – JavaScript DoS

In this week’s HackerKast bonus footage, I wrote a little prototype demonstrator script that shows various concepts regarding JavaScript flooding. I’ve run into the problem before where people seem to not understand how this works, or even that it’s possible to do this, despite multiple attempts at trying to explain it over the years. So
Publish At:2014-12-16 23:10 | Read:3158 | Comments:0 | Tags:Technical Insight Vulnerabilities Web Application Security W

Filtering Explicit Content

Many web sites provide a setting to reduce the amount of explicit, or objectionable, content returned by the site. The user configures these settings, but many users are unaware such a setting exists, or that it needs to be set for each web site. Additionally, the security administrator cannot audit that users have configured the setting. As a result, users
Publish At:2014-09-02 09:30 | Read:2927 | Comments:0 | Tags:Security Cisco Security Service content CWS HTTP security we


Share high-quality web security related articles with you:)


Tag Cloud