-
1. check if there is any built-in solution, like IP blocking.
2. check if invalid logins for a valid username generate DoS for that user.
3. check the two-step login like the new Google login to avo…
-
## Problem
The off-chain attacks section is pretty cool, and not something a lot of people consider. However, the Google Sheets does not really mention any resources, guides, etc. to combat against…
-
### \[SP-3\] Develop PlayerManagement smart contract
* Implement player registration, balance management, and payout functions.
* Ensure security and gas efficiency in contract operations…
-
# Lines of code
https://github.com/code-423n4/2024-03-taiko/blob/f58384f44dbf4c6535264a472322322705133b11/packages/protocol/contracts/signal/SignalService.sol#L104-L118
# Vulnerability details
## …
-
@davidben from Chromium has [expressed](https://issues.chromium.org/issues/42290573#comment4) that they don't want to add checks beyond the ones that are already there in their implementation of Ed255…
-
Hello!
Thanks for the great tool!
When I tested the tool, I saw that the KubeHound attacks (TTPs) were not linked directly in the JanusGraph database.
I suggest adding TTPs directly to the E…
-
### What feature?
The application currently lacks a Content Security Policy (CSP), which increases the risk of cross-site scripting (XSS) and other injection attacks. Implementing a CSP is essential …
-
During the security assessment, it was observed that the default Django admin page is publicly accessible and that verbose error messages are enabled. Although the test was conducted in a development …
-
### WebKittens
_No response_
### Title of the proposal
Realms Initialization Control
### URL to the spec
https://github.com/WICG/Realms-Initialization-Control
### URL to the spec's r…
-
### Roadmap URL
https://roadmap.sh/cyber-security
### Suggestions
# CTF Section updates:
- Add https://ctftime.org/ since it shows an updated list of all current and future CTFs.
# Beginner C…