-
What ways could we detect abuse, or bad actors? How could we solve them? I can think of a few.
- Bruteforce attacks
- DDOS attacks
-
> Local Strategy should be protected against Brute-Force attacks. One simple and good technique is [limiting failed consecutive attempts](https://github.com/animir/node-rate-limiter-flexible/wiki/Over…
-
I think it should also trigger on admin-ajax.php like below.
Don't know if this is something new but everything posts to admin-ajax.php on my WP sites when trying to login.
```
type: leaky
name:…
-
It would be nice if pwnagotchi could be more intrusive and perform various WPS attacks.
Like [Pixie Dust](https://kalilinuxtutorials.com/reaver-pixewps/) and regular [PIN bruteforce](https://tools.k…
-
Login_page_valid_credentials
Remember_me_functionalty
Login_page_Invalid_username
Login_page_invalid_password
Login_page_Empty_Username
Login_page_empty_password
Login_page_Bruteforce_attacks
-
Write nginx rules to protect some endpoints from bruteforce like attacks:
* /auth/login from bruteforce
* /auth/me from server overload, because it use crypto functions to validate token
* /notificati…
-
Pimatic should provide protection against brute force login attacks. See also https://forum.pimatic.org/topic/2385/bruteforce-login-failed-protection
-
*tr1cks:*
I see it as email notification about security events.
Examples of security events:
* Attempts to bruteforce SSH password.
* Appear unknown MAC's in network.
* Deauthentication…
-
*tr1cks:*
I see it as email notification about security events.
Examples of security events:
* Attempts to bruteforce SSH password.
* Appear unknown MAC's in network.
* Deauthentication…
-
To improve security, e.g. agains bruteforce attacks, we could require 2FA when a user wants to login via password authentication.
The assignments provides us with email addresses, which we could us…