segurança

I'm making a website and started making use of the TimThumb library.php to resize the images to the exact size I want. Howeve ... howed vulnerability; will making use of it imply anything in the performance of my site? former: more work for the server.

Doing a security class for PHP I noticed the existence of two similar constants, like: FILTER_SANITIZE_NUMBER_INT and FILTER ... ; } There are standard methods in PHP, such as is_int() and is_integer(), but it seems to be less reliable. (I'm not sure)

Nowadays there are many disassemblers and recompilers for .NET Framework, the guy goes there, makes an application and everyo ... le servidor, username and password, can the guy who decompiled the app have access to the contents of these three variables?

I am in doubt about how the Data Encryption Standard works, could anyone explain in a didactic way?

If I do hash of passwords before storing them in my database is enough to prevent them from being retrieved by someone? I'm ... security in this aspect? What additional concerns would prevent access to passwords? Are there better ways to do this hash ?

I see a lot of confusion on the site about the terms. in the context of data security What Would encoding, encrypting and ... used for something else? Example: use Base64 . Please read and understand the question, the subject has a specific context.

Many Brazilian government websites usually do not have valid security certificates. Examples: Https://www.ibama.gov.br / ( ... hat's it, just like these Government websites do? What impacts does an invalid certificate have on the security of a website?

Always when I have folder permissions issue on my Ubuntu OS, I usually give the 777 permission for the particular folder. I u ... older. Is that true? It would be nice too if the answer could explain better about the differences between 644, 755 and 777.

While working on a project that uses sha256 and security keys, I came across the term hmac. I still don't know what it's all ... any purpose for information security? If so, cite examples. And finally: How to pronounce it? I always say: "Agá-mequi"

The program below allows the occurrence of memory overflow, since it is possible to overwrite the zero variable by putting a ... printf("Zero continua sendo zero"); }else{ printf("A variavel zero foi modificada"); } return 0; }

I am a Java beginner and I am studying java web, mainly Servlets and JSP. And I need to develop a web application as a colleg ... ss that encrypts / decrypts every time it enters on one page). Has anyone ever done anything like this? Would you have a tip?

I came across the term Over-posting while following Microsoft's application creation guide in ASP.NET Core. I had asked a ... oubts what is an over-posting attack? when and how does such an attack occur? what damage can it cause to my application?

Since I opened an online project I am having trouble with hack, where someone is making direct inserts into the database. Tha ... ttacker still manages to hack into the server, even if he is sure after having checked all the lines of code of the project..

I finished a step of a program and we will start to put into production, however, when running the program is always displaye ... What should I do, to make my program Reliable? and stop displaying this message? Note: I don't want to disable Windows UCA.

I saw in some comment here on the site, in some question, talking about JWT to solve an authentication problem. I had seen th ... realized it was a very different thing. So I'll ask: What is JWT? Is it a library? A specification? So that will it do?

I have the network dump (file in PCAP format captured with tcpdump) of a "conversation" between the attacked server (Apache w ... s the handshake in TCP using small window size, right? That is, it explores protocol and not just application. Do you agree?

I had a class in college that left me" kind of " intrigued, my teacher was talking about the differences of interpreted langu ... the main one is: If my code is compiled and you don't know how it was written, How do antiviruses know it can be dangerous?

I was messing with some files that are digital certificates and security certificates, so the question arose to me: What is the difference between a file .Sky, .pfx e .pvk?

I would like to know in a more simplified way what these types of attacks are. Keylogger brute force attack rubber hose ... om them. I am creating a website for a company and would like to better understand them and how to protect myself. Thank you

I'm seeing this word in almost every service application.. What is an API KEY really and what are its uses? How does it really work? Also please, if possible, explain the difference between public and private API KEYs.