-
At the moment, loading Hack-Tools in my Chromium based browser throws an error with the version number defined in the `manifest.json` file, specifically because the version is `0.1.2b`. This is what t…
-
The `Access-Control-Allow-Origin` response header is set to `*` when there is no Origin request header. Wouldn't it be just as effective to not set this response header at all, or have an option to?
…
-
here are the biggest packages we install, see about removing what we can from non-full iso
180M icedtea-3.8.0.tbz2
575M rust-1.25.0.tbz2
129M android-sdk-update-manager-23-r1.tbz2
140M mesa-17.3…
-
In order to offer new services, we need to complete the SCR assessment with our 3PAO
Note: move this ticket to `private` if we get into contracting details
---
## Security considerations
…
-
# Feature request
## Description
Currently there is no design spec for SecureDrop. This leads to some combination of the documentation, source code, ansible, and tests describing what SD does an…
-
**Is your feature request related to a problem? Please describe.**
Gitleaks is doing a wonderful job to detect secrets in the history. Gitleaks gives the commits in which a secret is added and remo…
-
placeholder tasks for the future
-
In engine/Logger.py line 13 we read:
if status:
self.fd = open("/tmp/drupwn.txt", "w")
This opens the possibility for a privilege escalation as any user might create the file /tmp/d…
cym13 updated
4 years ago
-
This would be a pretty big feature add, and a whole new tab in the UI. But for pentesters, it would solve the problem of trying to figure out *everyone* who has access to an S3 bucket or other resourc…
-
## Basic Information
**Name:** OVPN
**Category:** VPN
**URL:** [ovpn.com](https://www.ovpn.com/en)
## Description
- No log service
- Extensive client support: Wireguard, OpenVPN and own cl…