
All Questions

0 votes
1 answer
214 views

Would it be useful from a security perspective to harden an interpreter like Python or NodeJS by removing support for unused features?

When hardening a system you want to remove any features that you do not need. I have been thinking about this concept from the perspective of interpreters like Python, NodeJS, PHP etc. and am ...
Blink
2 votes
3 answers
671 views

About vulnerability in the dependency

I have read many articles about vulnerabilities in program dependencies, either direct or transitive. Here are two questions that come to my mind. If a dependency A has a vulnerability (Maybe has ...
LGDGODV
4 votes
2 answers
29k views

URL parameter manipulation and injection

I have a scenario with 2 sites. Site 1 is mysite.com and Site 2 is secondurl.com. Site 1 is using WordPress. There, I did a JavaScript/jQuery routine that checks if a given url parameter comes in. If ...
churros
1 vote
1 answer
957 views

How to test email spoofing with this php script? [closed]

I want to harden my SPF setting. However, I have trouble testing my SPF setting. I want to be able to send a test email to try out my new SPF settings. Most of the resources on the internet seem to be use ...
Anthony Kong
0 votes
1 answer
369 views

Encrypt a file in the server and decrypt it in the client without risking the user accessing it?

How can I send an encrypted file from a server to a client, encrypt and use it in the client without risking the user to access it? I saw an answer where the server saved a file in its memory, and ...
2 votes
1 answer
372 views

What encryption protocol is used by paragonie/Halite library by default?

We're going to implement encryption between a PHP server and a Python server. We decided to use the paragonie/halite library (based on libsodium) on our PHP part. The Python guys are asking what exact protocol ...
Viktor Kruglikov
1 vote
1 answer
148 views

Functions in common server-side languages which are used to execute code [closed]

I want to know the list of functions which are used to evaluate strings to code. For example: in PHP we have the eval function which evaluates a string to PHP code. Input passed into eval without ...
bhartay
0 votes
1 answer
1k views

What are potential security risks of a Python script outside the public_html folder

I would like to know the risks of a Python script that is outside of public_html application/scripts/myscript.py public_html This script is called by the PHP application asynchronously. It receives ...
dac777
9 votes
3 answers
2k views

How to implement client side encryption for CalDav & CardDav content?

I'm looking for a client-side encryption implementation that would be able to secure CardDav & CalDav data so that they couldn't be compromised even by the hosting provider. Server side: PHP or ...
g0lem
