Questions tagged [security]
Topics relating to application security and attacks against software. Please don't use this tag alone, that results in ambiguity. If your question is not about a specific programming problem, please consider instead asking it at Information Security SE: https://security.stackexchange.com
security
56,608
questions
1
vote
1
answer
17
views
Spring Security : stackoverflow error after submit login form to ".loginProcessingUrl("/perform_login")"
intelliJ debug log is below.
enter image description here
and stackoverflow error log is
2024-07-26T14:01:13.600+09:00 DEBUG 17896 --- [nio-8880-exec-9] o.s.security.web.FilterChainProxy : ...
-4
votes
1
answer
37
views
Is there a way to prevent directory traversal attacks (../ pattern) at the JRE level? [closed]
I'm looking for a way to prevent directory traversal attacks, specifically those involving the ../ pattern in file paths, at the Java Runtime Environment (JRE) level. My goal is to ensure that such ...
- 7
0
votes
0
answers
8
views
Is there a way to delete security logs on GitHub?
I was just wondering if there is any way that I can delete security logs on GitHub for my own Private account on which I only have private repositories that are shared with nobody. Is it possible at ...
0
votes
0
answers
6
views
What is the purpose of adding URI elements to a Meta Pixel Domain Allow List?
The Security Configuration
A site I began managing last year uses the "Allow Listing" feature to block traffic sent from users on various domains when using the Meta Pixel. The site's three ...
0
votes
0
answers
10
views
Safely embedding third-party websites in an iframe on my site
There is a parent site (my site) and a child site (a third-party site that I want to embed in an iframe). I want to open the child site inside an iframe on my parent site.
I'm concerned that the child ...
- 13
0
votes
0
answers
5
views
Generate an .eml file including the MSIP label
I'm currently coding an email generator using Python and its native email package.
I take an Excel file in input and generate several .eml files as the output.
The goal isn't to send them ...
- 51
-2
votes
0
answers
26
views
Can a flash USB stick transfer virus or maleware [closed]
Can a Flash Stick from an untrustworthy person transfer trojan to my latpop if I inserted it in USB port?
I am very worry
I tried to scan it with Kaspersky Internet Security
If he is an advanced ...
- 1
0
votes
1
answer
30
views
Mime type spoofing detection
I am working on a content type spoof detector for a web application. My issue can be answered by any developer with experience on this subject.
My input is a object, which expose its filename, ...
- 115
4
votes
1
answer
24
views
How do I make my accessibility app work along with certain banking apps?
My app is accessibility based screen reader, but some banking apps deny to work if my accessibility service is turned on. User has to explictively turn it off everytime they want to use their banking ...
- 43
-1
votes
0
answers
10
views
Is there a Opensource way to compliance audit Microsoft 365 Apps
I am looking for ways to value add to existing Office 365 Security & Compliance center which is available by default. Adding HIPPA compliant check but I don't wanna pay for the templates available ...
0
votes
1
answer
36
views
Protecting user input in a browser against attack
I need to encrypt strings (user input) using AES and send them to a server. It's highly sensitive and it's the user's key asset.
I must assume the browser is not trustworthy and is prone to trojans, ...
-3
votes
0
answers
26
views
Any methods that help in sniffing a zip file out of a .pcapng file? I have tried wireshark and the rest :( [closed]
I am working on a CTF Practice room and one of my questions is to sniff out a zip file from a .pcapng file, I have tried working with wireshark and a few other online tools, but to no avail, would ...
0
votes
0
answers
15
views
Flutter: set up Dev Prod Test Environment with envied Package
package url: https://pub.dev/packages/envied
I have set up my variable like API Key and base url in .env file to secure. It works perfectly fine.
I want to differentiate between DEV,TEST,PROD ...
-1
votes
1
answer
12
views
How to decode & save encoded file?
I'm trying to extract a file and can't figure out how to translate & save the file. It's from phrack http://www.phrack.org/issues/70/5.html#article
Near the bottom is:
--[ 9 - Source Code
begin ...
- 1,774
0
votes
1
answer
37
views
How can I hide token in my .json file on github [duplicate]
I have an identity.json file. in which I have added a token. so I directly added a token in my file and pushed to github. now when my token is visible in github. and I don't want it to be visible. Is ...
- 23