segurança

When I try to log in: If I use the wrong username and password, only the contents of header and footer appear. If I use t ... ton bradius" name="login" value="Login"> </form> </div> <?php } } include "footer.php"; ?>

I'm making a form, and I'm performing the validation part... I see the term sanitize or sanitizar a lot, what does that mean? I have even seen some functions in php that take this term in their parameters.

Shannon entropy is given by the formula: Where Ti will be the data extracted from my network dump (dump.pcap). The end o ... ; rv:45.0) Gecko/20100101 Firefox/45.0 Connection: keep-alive content-type: application/x-www-form-urlencoded; charset=UTF-8

I know there are several posts here citing the pros/cons of virtual keyboards to avoid keyloggers , but I didn't see any that ... pture the clicks by x times, can I deduce the password? What is the logic to validate the password and ensure authentication?

Most banks offer some kind of security module that acts on the client side for access to internet banking websites. They are ... d on all websites and ultimately comes integrated in all browsers? Why use Java instead of, for example, a browser extension?

In the InfluxDB documentation, I found the following note: Note: InfluxDB redacts passwords when you enable authentication. Source: https://docs.influxdata.com/influxdb/v0.13/administration/authentication_and_authorization

I am studying about some vulnerabilities that I found on a site I made and came across the possibility of the attacker sendin ... GET[“busca”]); Only with this change is it possible to eliminate the possibility of attack via Cross site scripting or XSS?

By default Apache denies access to files whose name begins with .ht, such as .htaccess: <Files ~ "^\.ht"> Require ... nfiguration files? If this is the case then I would swap it for a "group" of file types: (^|/)\.(git|gitignore|yml|svn)$

closed . This question is opinionated and is not accepting answers. ... I confess that it is very laborious, especially maintenance, it becomes a bit disheartening when the project begins to grow.

Good Morning guys, I'm developing a system in C# WinFormswith the database in firebird 3that will work in internal network ... ill have access to the entire structure, including the data. How could I do to add an extra level of security to my database?

closed. this question is out of scope and is not currently accepting answers. ... these keys, it can extract the content. Can camouflage these public.key's private.key that will stay inside the application?

I am needing to develop a system to be used by the user. The user will be registered in another system, where we will have th ... e user information and especially, I don't want to expose the "Master" System that will have very important data inside it...

I would like to understand how the encryption algorithm works AES (Advanced Encryption Standard). I am looking for didactic a ... f possible, the operations with bits. Note that I do not ask for code examples, although they are valid for the explanation.

I use a tool that performs security checks on the packages of my project, it indicated to me that one of the packages is susc ... n? I can check if my code is susceptible without using external libraries? How do I prevent my code from being vulnerable?

I understand the difference between Access Token and Refresh Token, there is already a question about this here in SOpt. I ... ompromised in both cases, the problem would be the same, since with a renewal token I would be able to get an access token.

In terms of routing, my site is divided into two parts: first, it has an app folder inside the root, where is contained all t ... editing in the php file) blocks access to the system as well and the site does not load. Anyway, how to do it the right way?

I am in doubt whether I should encrypt a password before sending it to the server, and on the server save the hash in the bank, or whether I should encrypt only on the server...

Was reading the documentation of umask and I came across this: When PHP is being used as a server module, the umask is r ... using move_uploaded_file to another folder when using umask until the request finishes processing the folder might be unsafe?

Guys, I'm trying to create a script to delete my files and folders safely, just like shred does, srm , etc...but I would lik ... rsively in a directory for all files and not by opening a specific file or passing it as an argument. Anyone have any ideas?

I was researching about security in REST APIs and found the terms refresh tokens, access tokens and grant type referring to how tokens work and how the client requests resources What are they and what are their differences?