-
Would you mind clarifying on this paragraph:
> While that concept is appealing, it also has security implications. We always say that security by obscurity is not security, but providing attackers …
-
If possible, it would be better if certHostnames was always present. I would rather check the grade (and/or the cert issues bitfield) to definitively determine if a mismatch exists, and always have ce…
-
Howdy,
I've identified an interesting attack scenario against Jade/Pug. Not a vulnerability per se, but a bypass of the restricted namespace Pug implements. Take a gander at my full write-up:
htt…
-
## Expected Behavior
Framework should terminate without leaving traceback on terminal.
## Current Behavior
Program leaves a long traceback
## Possible Solution
Exit the program gracefull…
-
hi,
great work on the script.
any chance to have this script being somewhat more modular.
i think you're familier with lazykali, so maybe something along the lines of that.
thanks !
roy
-
Based on the following report from @francesco1119, it sounds like there is a bug in the handling of the STOP_ON_SUCCESS option.
[Original report](https://github.com/rapid7/metasploit-framework/pull/3…
-
Hi and thanks for the gem :)
Here are some questions I have concerning its use. Please be aware it would be possible to see them as a freelancing mission.
## Store tenants in different databases serv…
-
It can be found in the **feature/session** branch and is the last thing I want finished before the 3.0 release. To everybody reading this: please test it and give some (useful) feedback. :) Tests with…
-
```
static function PortReadable()
{
$port = self::Port();
if ($port=="80" && strtolower(self::Protocol())==self::PROTOCOL_HTTP)
$port="";
else if ($port=="443" && strtolower(self:…