56,557 questions
-3 votes, 0 answers, 17 views
Is LinkedIn worth it for learning cybersecurity, pentesting and computer networks (preferably frontend too) [closed]
I am trying to learn cybersecurity and finished free modules from Hack The Box Academy and solved some labs, CTFs. But I am stuck now and level up my skills as much as possible in the shortest period of time....
-1 votes, 0 answers, 12 views
Xcode keeps asking password prompt for swift-package-registry
I have one package located at a Swift package registry in Artifactory which is available through authorization with login and password. I try to build via GitLab CI or locally and during resolve package ...
1 vote, 1 answer, 39 views
Is this a vulnerability for Oracle 19c database privilege escalation?
The following test cases and their results were obtained from experiments conducted in Oracle 19c.
Experiment 1:
SYS:
CREATE USER AAA IDENTIFIED BY 123456789;
CREATE USER BBB IDENTIFIED BY 123456789;
...
0 votes, 0 answers, 18 views
Is it possible to sandbox web components?
I'm building a dashboard on my site so my customers can more easily visualize their data. I'm going to provide graphing widgets which the customer will be able to configure to view their data however ...
1 vote, 0 answers, 15 views
Windows container scanning against vulnerabilities
I'm looking for command-line tools that can scan Windows containers for vulnerabilities. My primary focus is to integrate the tool into a CI/CD pipeline.
Any suggestions?
Tried Trivy, but this is not ...
0 votes, 1 answer, 34 views
How to Collect Data Across Iframes on a Shared Domain Without Interacting With the Main Page?
I am working on an implementation involving hosted fields for securely handling credit card information. My setup includes the following:
An HTML page containing 4 iframes:
3 iframes for credit card ...
0 votes, 0 answers, 30 views
WordPress sites getting hacked with URL POST /?KQOB=DtWtG How to trace? [closed]
We have several WordPress sites that lately have been under attack. Despite numerous WordFence and other scans the hackers are still getting in. I traced the latest file they created by comparing the ...
-5 votes, 0 answers, 46 views
Mac can not open file no matter what app I use - Message includes 'Apple could not verify'. but it isn't the app it's the text file [closed]
I get this message when I try to open my file (I created) using the default (Visual Studio Code) and TextEdit or anything else - seems very strange
'Apple could not verify "OSIN,IA_WORKPLAN_IFACE....
-3 votes, 0 answers, 61 views
Is my code safe enough? (Math.random fast and secure alternative) [closed]
So... I've been working on an npm (and browser compatible too) JS library for a while, which contains randomization functions.
It uses Math.random() behind everything, and some days ago, I've decided ...
0 votes, 0 answers, 30 views
Is it safe to run arbitrary code in a GitHub Actions job whose GITHUB_TOKEN has no permissions?
I want to create a workflow to automatically run user-provided test functions from issues. If I disable all GITHUB_TOKEN permissions for that job, is there anything else I should worry about? I.e., ...
-1 votes, 0 answers, 11 views
Storing tokens using Cache API in a service worker
I have a project where I need to attach a bearer token onto HTTP requests going to an API. The straightforward way to persist the token is to store it in localStorage and then manually attach it to ...
0 votes, 1 answer, 48 views
Is it possible to design a "paywalled" Web API that is meant to be consumed securely from a web frontend?
Let's say I want to design an API that does something useful that people pay monthly to consume. Let's say an endpoint for this API is the following:
https://www.example.com/api/GetMeaningOfLife
Since ...
-1 votes, 0 answers, 37 views
Safely Storing Passwords and Database Credentials in Django [closed]
Does anyone here have experience with Django?
How can I safely store my passwords, database credentials, and other sensitive information in settings.py?
I found it using cryptography but wanted to ...
-3 votes, 1 answer, 43 views
Protect against editing code in browser on website [closed]
I am fairly new to programming, and I started to make a website to practise. After a while I noticed that my login page can easily be manipulated by simply changing my JS code in the browser. I ...
0 votes, 0 answers, 9 views
Control what can be uploaded in AEM sling
I was asked to restrict what can be uploaded in Adobe Experience Manager (author) - limit the size, content, name etc. As AEM is built on Sling, which has a RESTful interface, almost everything can ...