Search Results for "attacks"

An open source implementation of the FIDO2 protocol to support passwordless strong authentication using public-key cryptography. Supports registration, authentication (all platforms), and transaction authorization (for native Android apps).

...Key Features No external dependencies — pure C++20 implementation. Extendable Output (XOF) — supports arbitrary output length (256–8192+ bits). Post-quantum oriented design — ARX-based sponge resistant to Grover-type attacks. Context and salt separation — unique hashing domains for each use-case. Optimized performance — ~120–130 MB/s Comprehensive verification — verify_all.sh performs KAT tests, determinism checks, and performance validation. Verification Script: chmod +x verify_all.sh ./verify_all.sh https://github.com/01alekseev/PetoronHash-System Ivan Alekseev | petoron.org

Don't use this tool for production apps. I gave up on keeping this tool updated because every Swift release breaks SourceKit in a different way. It's probably really broken and is only useful as a way for you to learn more about obfuscation and SourceKit. SwiftShield is a tool that generates random and irreversible encrypted names for your iOS project's types and methods (including third-party libraries). It uses Apple's SourceKit to mimick Xcode's indexing behavior, revealing a complete map...

...The first version of SSL Kill Switch was released at Black Hat Vegas 2012. Installing SSL Kill Switch 2 allows anyone on the same network as the device to easily perform man-in-the-middle attacks against any SSL or HTTPS connection. This means that it is trivial to get access to emails, websites viewed in Safari and any other data downloaded by any App running on the device.

ESP8266 firmware for performing deauthentication attacks, with ease. Wi-PWN is a firmware that performs death attacks on cheap Arduino boards. The ESP8266 is a cheap microcontroller with built-in Wi-Fi. It contains a powerful 160 MHz processor and it can be programmed using Arduino. A deauthentication attack is often confused with Wi-Fi jamming, as they both block users from accessing Wi-Fi networks.

...LUDS remains ubiquitous despite being a conclusively burdensome and ineffective security practice. zxcvbn is an alternative password strength estimator that is small, fast, and crucially no harder than LUDS to adopt. Using leaked passwords, we compare its estimations to the best of four modern guessing attacks and show it to be accurate and conservative at low magnitudes, suitable for mitigating online attacks. We find 1.5 MB of compressed storage is sufficient to accurately estimate the best-known guessing attacks up to 105 guesses, or 104 and 103 guesses, respectively, given 245 kB and 29 kB. zxcvbn can be adopted with 4 lines of code and downloaded in seconds. ...