Search the Community

Showing results for tags 'security'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • WiFi Pineapple / Jasager
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • Mark V
    • Mark IV
    • Pineapple Modules
    • WiFi Pineapple University
    • Mark I, II, III
  • Active Projects
    • Bash Bunny
    • Lan Turtle
    • USB Rubber Ducky
    • SDR - Software Defined Radio
    • Community Projects
  • Hak5 Shows
    • Hak5
    • HakTip
    • Metasploit Minute
    • Threatwire
  • Community
    • Forums and Wiki
    • #Hak5
  • Other Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Found 10 results

  1. Greeting all, I am writing an encryption app for both iPhone and android devices and have come to a fork in the road...(ooo, bad pun)...I wanted to create a 'Save' option to store the encrypted texts locally on the device, but after the revelation of vault 7, I am thinking that maybe it's better to have users save their texts off device elsewhere. The Key is generated on the device locally and stored locally. The Key is protected and has self destruct mechanism, but my concerns are that they would both reside on the device and then could be fully compromised. With the ability of these agencies, where do we go from here? My question: would it be better to save off device or just store it locally? Any thoughts and elaborations are greatly appreciated.
  2. VPN

    is there any relatively decent cheap VPNs you'd recommend??
  3. I have to travel a lot for work, so I am looking for a travel router that will be able to act as an OpenVPN client. I have considered purchasing a WIFI Pineapple nano for this application, but it seems to be a bit of an overkill for what I need. What would you suggest I get?
  4. Hey guys, I know most of the post here are about attacks for the rubberducky, but I wanted to share something different with you today: a script to prevent rubberducky attacks. DuckHunt: https://github.com/pmsosa/duckhunt For now it is a project intended to protect users against Rubberducky attacks (or other automated key injection attacks). I made sure to document as much as I could in the github page so that others can keep adding and eventually it could lead to a larger discussion on how to protect users from these types of attacks. I read the previous Defense Against Ducky posts, and it seems that people had lots of ideas surrounding how to defend against these guys. I was just curious to see what would be other legitimate things one could add to protect against these :) Cheers, - Konuko II
  5. Hello. I am new to this forum so if this thread needs to be moved somewhere else, please let me know. Sorry in advance. I have built a hacking lab for testing purposes. I have a target router which leads to a MitM device and a switch. The switch connects two target machines and a hacking machine. I want to supply internet access to the two target machines by connecting the router to my main router, thus giving it internet access (currently the router is not supplying internet). I have heard it is a bad idea to give labs internet access (for obvious reasons). Is there a safe and secure way of doing this that doesn't raise a high/moderate change of comprising the network outside of my hacking lab? I have heard of people using VPNs to secure their network. I just haven't really seen it done in this aspect. Any advice in doing this would be super great! Thanks.
  6. So now there these SOCs which seem to be really the top thing in cybersec these days. My idea of them is just guys sipping coffee and checking whatsapp and sending arcsight automated excel generated reports to people who also have no idea on what to do with them. Ec-council has also come with the incident handling cert now which i think is geared towards this. I want to know what the whole deal is with these SOCs, anybody working in one, please share. Right now all i know is the fuckers are expensive.
  7. Hi all, As the title suggests, I was wondering why WPA should be easier to crack than WPA2, and yet the process to crack them appears to be the same? The hash mode in Hashcat is exactly the same for WPA and WPA2, so surely they would take the exact same amount of time to break? Is there a quicker way to break WPA? I found http://www.aircrack-ng.org/doku.php?id=tkiptun-ng, but this appears to only be for WPA-TKIP, and doesn't look like a finished product. At the moment, are we doomed to cracking WPA using the same methods as WPA2? Thanks.
  8. Are Google URLs truly vulnerable to Open Redirection like explained here https://www.indusface.com/blog/?p=1646 Can it happen to anyone's website?
  9. What are you reading right now? What's on your reading list? Hacking and security related or not, doesn't matter.
  10. I just read the "leaked" draft of the senate encryption bill. It looks awful and contradictory in addition to the adjectives the wired article gave it. My senator's office is across the street from where I work. So I plan on stopping by over lunch on Monday to irritate her staff, by listing off the ways that that bill could break the internet while failing to solve the problems it is aimed at fixing. Wired article here http://www.wired.com/2016/04/senates-draft-encryption-bill-privacy-nightmare/ vice article here http://motherboard.vice.com/read/leaked-burr-feinstein-encryption-bill-is-a-threat-to-american-privacy draft here https://www.scribd.com/doc/307378123/Burr-Encryption-Bill-Discussion-Draft Anyway, I'm a bit annoyed right now that someone thought what they have so far was worth writing down.