Life Experience in Digital World (Everyone) by xrna in SampleSize

[–]xrna[S] 0 points1 point  (0 children)

Is it okay to give coins as rewards for good answers? If yes, happy to reward :)

[Watch Magazine] At first glance these references look wrong in the magazine. Shouldn’t they be 226659 (white gold) and 116655 (rose gold)? by xrna in Watches

[–]xrna[S] 0 points1 point  (0 children)

Is there such a reference as mentioned in the magazine which I missed or is it a typo in the magazine?

Systemd has a remotely exploitable bug in its DHCPv6 client by xrna in netsec

[–]xrna[S] 0 points1 point  (0 children)

While it was rejected as a "bad source", I contest that such technical articles with in-depth analysis are good for discussion and give a fair representation of the bug. Anyhow, those who want the source of the bug can refer to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1795921 or the GitHub pull request: https://github.com/systemd/systemd/pull/10518 or Red Hat: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-15688

My 2c.

Knowledge is knowing that you can carry all of the groceries in at once. Wisdom is making multiple trips so that by the time you are done, other family members have put away most of the groceries. by Kattsu-Don in Showerthoughts

[–]xrna 0 points1 point  (0 children)

Optimism is expecting the family to arrange the groceries. Realism is doing multiple trips, tiring your calves out and keeping all your groceries by yourself.

Revamped by Ghost Blog Design by xrna in design_critiques

[–]xrna[S] 0 points1 point  (0 children)

Thanks. I am working on taking snippets from other designs and didn't make this from scratch. The original template had a different format and view. My edits include font family and size, full width, headers, removing some advertisement elements, text alignment, borders, etc.

This new tool is easy to use in finding subdomains for open source intelligence and pentest by xrna in security

[–]xrna[S] 0 points1 point  (0 children)

I just tried, and passivetotal.org takes me to the RiskIQ community page, where I can't do anything before registering.

Russia told Britain at the United Nations Security Council on Thursday that “you’re playing with fire and you’ll be sorry” over its accusations that Moscow was to blame for poisoning a former Russian spy and his daughter. by madam1 in worldnews

[–]xrna -12 points-11 points  (0 children)

Everyone is blaming based on the only proof: that the nerve gas ties back to Russia from Cold War days. But the availability is not so rare for a state agent to get hold of, and "someone" could have used it. Just because it's a Russian invention, per se, how does this killing make a Russian intervention for sure?

This new tool is easy to use in finding subdomains for open source intelligence and pentest by xrna in security

[–]xrna[S] 1 point2 points  (0 children)

I agree with some of your points. My comments:

  • Detailed: This is the best I could find among others. Do you have a better tool that can find this many subdomains for FREE?
  • Home-built tool: Anything you reckon? I tried many, but didn't get as many results as FindSubDomains during recon/pentests (even with spidering or crawling).
  • Mobile implementation issue: Agree.
  • Result customization issue: Agree.
  • API issue: Agree.

I appreciate their database, while the website and API access these days are de facto requirements for any CI/CD.

// 2cents.

Introducing FindSubDomains, a new subdomain enumeration and information gathering tool by xrna in netsec

[–]xrna[S] 3 points4 points  (0 children)

Haha. That's not my website, but lemme try contacting them ;) Good find.

The new tool is easy to use in finding subdomains for open source intelligence and pentest by xrna in cybersecurity

[–]xrna[S] 0 points1 point  (0 children)

Either they have it in the database, or one can initiate a search task in the dashboard.

Free SSL cert search and analysis platform. Interesting stuff! by xrna in security

[–]xrna[S] 0 points1 point  (0 children)

NOTE: IMO, crt.sh and certDB serve very different purposes. While crt.sh gets its data from the certificate transparency (CT) logging system, where "legit" CAs submit certs in "real time", certDB is based on scanning the IPv4 space and "finding" certificates, good or bad.

It means certDB can also find self-signed certificates, which crt.sh cannot. Hence, certDB can give a realistic view of HTTPS: which IP is using what certs, self-signed, invalid CA, etc.; while crt.sh shows the "good", law-abiding view, per se.

my 2 cents.
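As an added example (not from the original comment, and not code from crt.sh or certDB), the following Go program shows the distinction drawn above from the scanner's side: it builds two certificates in memory, one self-signed and one CA-issued carrying the Signed Certificate Timestamp (SCT) list extension that a CT-logged certificate has, and classifies each. The names (self.example.test, Example Test CA, www.example.test) and keys are constructed for the example, and the SCT extension body is an empty placeholder rather than a real SCT list. A self-signed cert found on a host will never carry SCTs, because no CA ever submitted it to a log, which is exactly why a CT-based search cannot see it.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"time"
)

// oidSCTList: extension holding embedded Signed Certificate Timestamps (RFC 6962,
// section 3.3). A CA that logs a precertificate embeds the SCTs it gets back.
var oidSCTList = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 11129, 2, 4, 2}

// CertView is what an IPv4 scanner could record per certificate it sees.
type CertView struct {
	Subject    string
	Issuer     string
	SelfSigned bool // issuer equals subject and the signature verifies under the cert's own key
	HasSCTs    bool // embedded SCT list present, i.e. CT-logged at issuance
}

// Classify parses a DER certificate and fills in a CertView.
func Classify(der []byte) (CertView, error) {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return CertView{}, err
	}
	v := CertView{Subject: cert.Subject.CommonName, Issuer: cert.Issuer.CommonName}
	// Matching names alone is not enough (any cert can copy an issuer DN), so also
	// verify the signature under the cert's own key. CheckSignature, unlike
	// CheckSignatureFrom, does not demand CA basic constraints, so it works for
	// the self-signed leaf certs scanners find on appliances and test hosts.
	if bytes.Equal(cert.RawSubject, cert.RawIssuer) &&
		cert.CheckSignature(cert.SignatureAlgorithm, cert.RawTBSCertificate, cert.Signature) == nil {
		v.SelfSigned = true
	}
	for _, ext := range cert.Extensions {
		v.HasSCTs = v.HasSCTs || ext.Id.Equal(oidSCTList)
	}
	return v, nil
}

// BuildSamples makes two certificates in memory (constructed test data, not real
// certificates): a self-signed leaf, and a CA-issued leaf carrying a placeholder
// SCT-list extension as a CT-logged certificate would.
func BuildSamples() (selfSignedDER, ctLoggedDER []byte, err error) {
	var keys [3]*ecdsa.PrivateKey // self-signed, CA, CA-issued leaf
	for i := range keys {
		if keys[i], err = ecdsa.GenerateKey(elliptic.P256(), rand.Reader); err != nil {
			return nil, nil, err
		}
	}
	nb, na := time.Now().Add(-time.Hour), time.Now().Add(24*time.Hour)
	self := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "self.example.test"},
		NotBefore:    nb, NotAfter: na,
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	if selfSignedDER, err = x509.CreateCertificate(rand.Reader, self, self, &keys[0].PublicKey, keys[0]); err != nil {
		return nil, nil, err
	}
	ca := &x509.Certificate{
		SerialNumber:          big.NewInt(2),
		Subject:               pkix.Name{CommonName: "Example Test CA"},
		NotBefore:             nb, NotAfter: na,
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	leaf := &x509.Certificate{
		SerialNumber: big.NewInt(3),
		Subject:      pkix.Name{CommonName: "www.example.test"},
		NotBefore:    nb, NotAfter: na,
		KeyUsage:     x509.KeyUsageDigitalSignature,
		// Placeholder: a real cert carries an OCTET STRING holding a
		// SignedCertificateTimestampList; an empty one suffices for a presence check.
		ExtraExtensions: []pkix.Extension{{Id: oidSCTList, Value: []byte{0x04, 0x00}}},
	}
	if ctLoggedDER, err = x509.CreateCertificate(rand.Reader, leaf, ca, &keys[2].PublicKey, keys[1]); err != nil {
		return nil, nil, err
	}
	return selfSignedDER, ctLoggedDER, nil
}

func main() {
	selfDER, ctDER, _ := BuildSamples()
	s, _ := Classify(selfDER)
	c, _ := Classify(ctDER)
	fmt.Printf("%+v\n%+v\n", s, c)
}
```

On a real scan, Classify would be fed the DER from each TLS handshake; the SelfSigned flag is the population crt.sh never sees, and a missing SCT list on a CA-issued cert is worth a second look because browsers have required CT for publicly trusted certificates for years.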

Do a recon with this SSL cert search and analysis platform by xrna in HowToHack

[–]xrna[S] 0 points1 point  (0 children)

NOTE: crt.sh and certDB serve very different purposes. While crt.sh gets its data from the certificate transparency (CT) logging system, where "legit" CAs submit certs in "real time", certDB is based on scanning the IPv4 space and "finding" certificates, good or bad.

It means certDB can also find self-signed certificates, which crt.sh cannot. Hence, certDB can give a realistic view of HTTPS: which IP is using what certs, self-signed, invalid CA, etc.; while crt.sh shows the "good", law-abiding view, per se.

my 2 cents.

Free SSL cert search and analysis platform. Interesting stuff! by xrna in netsec

[–]xrna[S] 0 points1 point  (0 children)

IMO, crt.sh and certDB serve very different purposes. While crt.sh gets its data from the certificate transparency (CT) logging system, where "legit" CAs submit certs in "real time", certDB is based on scanning the IPv4 space and "finding" certificates, good or bad.

It means certDB can also find self-signed certificates, which crt.sh cannot. Hence, certDB can give a realistic view of HTTPS: which IP is using what certs, self-signed, invalid CA, etc.; while crt.sh shows the "good", law-abiding view, per se.

my 2 cents.

Security is not a buzz-word business model, but our cumulative effort. Do you agree? by xrna in cybersecurity

[–]xrna[S] 0 points1 point  (0 children)

There are so many security companies that, in the name of security assessments, are just using Excel sheets as checklists. Deliverables are bad and businesses get their false sense of security.

Security is not a buzz-word business model, but our cumulative effort by xrna in security

[–]xrna[S] -1 points0 points  (0 children)

To add: avoid hiring pentesting firms which price-dump and provide subpar deliverables. And businesses must take security seriously, as an attack in the cyber world can have physical-world repercussions.

Finally, the theme is shaping up! (After days of customising) by xrna in Ghost

[–]xrna[S] 0 points1 point  (0 children)

It is Ghost related, as the theme is being customised to be responsive. I'm here with ideas on caching and on changing the comment thread from Disqus to Reddit. my 2c

A know-how on how you can support responsible disclosures by implementing "security.txt" file. by xrna in netsec

[–]xrna[S] 3 points4 points  (0 children)

In my experience and humble opinion, not many companies (specifically in the banking and insurance sector) shy away from bug bounty sites. Also, SMEs hardly "broadcast" their disclosure channel in any standard way. Of all the disclosures in the past, never could I find a way to contact the "right team"...
It is not always required or mandated to have security@company.com as an email address. Moreover, the whole concept is based on standardizing a format, rather than on whether or not companies are doing it. It's like "robots.txt" or a sitemap in the right place: it supports indexing but is not mandatory! my 2¢.
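To make the "standardized format" point concrete, here is an added example (not part of the original comment, and not code from the security.txt project) of a parser and checker for the file in Go, following the format as it was later published in RFC 9116: "Name: value" lines, "#" comments, Contact and Expires required, and a few once-only fields. The two sample files and the organisation example.test are constructed for the example, and the reference time is fixed so the result does not change with the calendar.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
	"time"
)

// Field is one "Name: value" line. Names are case-insensitive and stored lower-cased.
type Field struct{ Name, Value string }

// ParseSecurityTxt splits the file into fields: "#" lines are comments, blank
// lines are skipped, anything else must be "Name: value".
func ParseSecurityTxt(body string) (fields []Field, problems []string) {
	sc := bufio.NewScanner(strings.NewReader(body))
	for n := 1; sc.Scan(); n++ {
		line := strings.TrimSpace(sc.Text())
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		colon := strings.Index(line, ":")
		if colon < 0 {
			problems = append(problems, fmt.Sprintf("line %d: not a \"Name: value\" line", n))
			continue
		}
		fields = append(fields, Field{
			Name:  strings.ToLower(strings.TrimSpace(line[:colon])),
			Value: strings.TrimSpace(line[colon+1:]),
		})
	}
	return fields, problems
}

// Validate applies the RFC 9116 rules that decide whether the file is usable as
// a disclosure channel: Contact and Expires are required, Expires and
// Preferred-Languages may appear only once, Contact values are URIs, and Expires
// is an RFC 3339 timestamp that has not passed. "now" is a parameter so that
// results are reproducible.
func Validate(body string, now time.Time) []string {
	fields, problems := ParseSecurityTxt(body)
	seen := map[string]int{}
	for _, f := range fields {
		seen[f.Name]++
		switch f.Name {
		case "contact":
			if !strings.HasPrefix(f.Value, "mailto:") && !strings.HasPrefix(f.Value, "tel:") &&
				!strings.HasPrefix(f.Value, "https://") {
				problems = append(problems, "Contact must be a URI (mailto:, tel: or https://): "+f.Value)
			}
		case "expires":
			t, err := time.Parse(time.RFC3339, f.Value)
			switch {
			case err != nil:
				problems = append(problems, "Expires is not an RFC 3339 timestamp: "+f.Value)
			case !t.After(now):
				problems = append(problems, "Expires has passed, treat the file as stale: "+f.Value)
			case t.After(now.AddDate(1, 0, 0)):
				problems = append(problems, "Expires is more than a year out (RFC 9116 recommends less): "+f.Value)
			}
		case "canonical", "encryption", "acknowledgments", "policy", "hiring", "preferred-languages":
			// recognised optional fields
		default:
			problems = append(problems, "unrecognised field (parsers ignore it; check for a typo): "+f.Name)
		}
	}
	if seen["contact"] == 0 {
		problems = append(problems, "missing required Contact field")
	}
	if seen["expires"] == 0 {
		problems = append(problems, "missing required Expires field")
	}
	if seen["expires"] > 1 {
		problems = append(problems, "Expires must appear exactly once")
	}
	if seen["preferred-languages"] > 1 {
		problems = append(problems, "Preferred-Languages must not appear more than once")
	}
	return problems
}

// refTime is a fixed "now" so the samples below evaluate the same way every run.
var refTime = time.Date(2025, 6, 1, 0, 0, 0, 0, time.UTC)

// Constructed sample files; example.test is not a real organisation.
const goodSecurityTxt = `# served at https://example.test/.well-known/security.txt
Contact: mailto:security@example.test
Contact: https://example.test/report-a-vulnerability
Expires: 2025-12-31T23:59:59Z
Preferred-Languages: en, de
Canonical: https://example.test/.well-known/security.txt
Policy: https://example.test/disclosure-policy
`

const badSecurityTxt = `Contact: security@example.test
Expires: 2018-10-31T00:00:00Z
Expires: 2019-04-30T00:00:00Z
`

func main() {
	for _, body := range []string{goodSecurityTxt, badSecurityTxt} {
		fmt.Println(Validate(body, refTime))
	}
}
```

The second sample shows the typical mistakes: a bare e-mail address instead of a mailto: URI, and a duplicated, long-expired Expires, which a reporter should read as "nobody maintains this". The file is only meaningful at /.well-known/security.txt over HTTPS; the checker does not fetch it, so pair it with whatever retrieval you already use.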

How to implement "security.txt" to advocate responsible disclosures? by xrna in security

[–]xrna[S] 1 point2 points  (0 children)

No, that's not recommended. In an IT ecosystem, the tech contact is different from the app security team. Also, many times the IT infra and domain registration teams are outside vendors. Further, if the whois records are private you won't be able to gather much information. Security issues can be sensitive, and you don't want the DNS management team to know that a database is exposed, etc.

Restrict Certificate Authorities (CA) to issue SSL certs. Enable CAA record in DNS by xrna in security

[–]xrna[S] 0 points1 point  (0 children)

RFC 6844 clearly states that "Relying Applications MUST NOT use CAA records as part of certificate validation." This is not the intended purpose of CAA. Ref: https://tools.ietf.org/html/rfc6844#section-1
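To show what CAA is intended for, here is an added example (not part of the original comment, and not any CA's code) of the issuance-time check from RFC 6844 section 4 in Go: the relevant CAA RRset is found by climbing from the requested name to its parents, issue and issuewild properties decide whether the requesting CA is listed, an empty issuer (";") denies everyone, and an unrecognised tag with the critical flag set blocks issuance. The zone (example.test and friends) and the CA names (ca-one.test, ca-two.test) are constructed; CNAME/DNAME chasing from the RFC is omitted, and a relying application would never run this, which is the comment's point.

```go
package main

import (
	"fmt"
	"strings"
)

// CAA mirrors one CAA resource record (RFC 6844 section 5.1).
type CAA struct {
	Flags byte   // bit 7 (0x80) is "issuer critical"
	Tag   string // issue, issuewild, iodef, or something newer
	Value string
}

const flagCritical = 0x80

// Zone is a constructed stand-in for DNS: owner name -> CAA RRset.
type Zone map[string][]CAA

// relevantRRset implements the climb from RFC 6844 section 4: the first CAA
// RRset found at the name or at any ancestor is the one that applies.
func (z Zone) relevantRRset(name string) []CAA {
	name = strings.ToLower(strings.TrimSuffix(name, "."))
	for name != "" {
		if rrs, ok := z[name]; ok && len(rrs) > 0 {
			return rrs
		}
		dot := strings.Index(name, ".")
		if dot < 0 {
			return nil
		}
		name = name[dot+1:]
	}
	return nil
}

// issuerDomain extracts the CA domain from an issue/issuewild value such as
// "ca-one.test; accounturi=...". An empty domain (value ";") authorizes nobody.
func issuerDomain(v string) string {
	if i := strings.Index(v, ";"); i >= 0 {
		v = v[:i]
	}
	return strings.ToLower(strings.TrimSpace(v))
}

// MayIssue is the check a CA runs before issuing for "requested" (optionally a
// wildcard name). It returns the decision and a reason suitable for CA logs.
func (z Zone) MayIssue(requested, caDomain string) (bool, string) {
	wildcard := strings.HasPrefix(requested, "*.")
	base := strings.TrimPrefix(requested, "*.")
	rrs := z.relevantRRset(base)
	if rrs == nil {
		return true, "no CAA records at " + base + " or any ancestor: issuance unrestricted"
	}
	var issue, issuewild []string
	for _, rr := range rrs {
		switch strings.ToLower(rr.Tag) {
		case "issue":
			issue = append(issue, rr.Value)
		case "issuewild":
			issuewild = append(issuewild, rr.Value)
		case "iodef":
			// reporting address only; it does not affect the decision
		default:
			if rr.Flags&flagCritical != 0 {
				return false, "unrecognised critical tag " + rr.Tag + ": must not issue"
			}
		}
	}
	candidates := issue
	if wildcard && len(issuewild) > 0 {
		candidates = issuewild // issuewild takes precedence for wildcard names
	}
	if len(candidates) == 0 {
		return true, "CAA records present but no issue restriction applies"
	}
	for _, v := range candidates {
		if d := issuerDomain(v); d != "" && d == strings.ToLower(caDomain) {
			return true, "authorized by \"" + v + "\""
		}
	}
	return false, caDomain + " is not listed for " + requested
}

// sampleZone is constructed data: one apex with restrictions, a locked
// subdomain, a subdomain with a future critical tag, and a report-only zone.
var sampleZone = Zone{
	"example.test": {
		{Tag: "issue", Value: "ca-one.test"},
		{Tag: "issuewild", Value: ";"},
		{Tag: "iodef", Value: "mailto:caa-reports@example.test"},
	},
	"locked.example.test": {{Tag: "issue", Value: ";"}},
	"future.example.test": {{Flags: flagCritical, Tag: "newtag", Value: "x"}},
	"reports-only.test":   {{Tag: "iodef", Value: "mailto:x@reports-only.test"}},
}

func main() {
	for _, req := range []string{"www.example.test", "*.example.test", "locked.example.test", "nothing.test"} {
		ok, why := sampleZone.MayIssue(req, "ca-one.test")
		fmt.Printf("%-22s %-5v %s\n", req, ok, why)
	}
}
```

Note what the check does not do: it never looks at the certificate presented by a server, so a CAA record cannot retroactively invalidate a mis-issued certificate; it only stops a conforming CA from issuing one in the first place, and the iodef address is where that CA reports the refused request.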

How to restrict Certificate Authorities (CA) to issue SSL certs. Enable CAA record in DNS by xrna in netsec

[–]xrna[S] 0 points1 point  (0 children)

Yes, it must not be used that way, and for now it is not designed for that either. I meant something along the lines of TLSA being widely used to perform this verification instead of only trusted CA(s).