Questions tagged [research]

Question 1

I've been thinking about creating proof-of-concept malicious packages, specifically in the JavaScript space. Think a repository that directly contains malicious code that scans for secrets, or an NPM ...

Question 2

I remember seeing a tweet about an infosec research paper a while ago on how one can put a lot of "fake vulnerabilities", which resemble real vulnerabilities but are actually formally proven ...

Question 3

As we all know, never trust the client, when they send data to your server. However what if you prevent data manipulation by completely restructuring the architecture to something like the following: ...

Question 4

I'm trying to understand how to get more information about a vulnerability given a CVE. I noticed that some CVEs, on websites like https://www.cvedetails.com, have got references to articles or to ...

Question 5

I'm researching information about HTTP/2 from a cybersecurity point of view for an article, and i wanted to include a section about attacks exclusive to HTTP/2 or were this protocol have a key role. I ...

Question 6

RFC5958 defines a set of enhancements to the PKCS#8 key serialization format, bumping the version field up to 1 and additionally permitting serialization of public keys for arbitrary asymmetric ...

Question 7

Based on this question. Why are there more research papers on Android malware than iOS malware?

Question 8

When reading malware-analysis posts, I see researchers talking about sophisticated state-sponsored actors. How can researchers know when something is state-sponsored from their code/C2 servers alone?

Question 9

Reading papers written by teams looking for vulnerabilities using fuzzing, I notice that many people label a crash as a DoS vulnerability. While in other papers and researches, they go deeper after ...

Question 10

I'm doing research about Information Security Controls. Considering that the topic is very wide, I would like to organize in macro categories the security controls that can be adopted by an enterprise ...

Question 11

I am a Computer Science Engineering undergraduate aspiring to pursue a career in the field of cyber security. I have some experience in web application security, memory and network forensics fields. I ...

Question 12

Concept of Rings Rings were introduced in the forerunner of UNIX, Multics, and had 8 rings for reading, writing, executing and calling (I don't quite understand why it needed 8 rings to do this, if ...

Question 13

First off, let me preface this post by saying I'm not a security expert. I'm trying to build regular expressions to find OAuth 2.0 access tokens and API Keys for common web sites such as Google, ...

Question 14

I am going to be starting my dissertation soon in MSc Cyber Security. The supervisor keeps asking me 'What will be your IT artefact?' and to be honest I have no idea what he is actually asking me. I ...

Question 15

I'm attempting to debug different native binaries in my Android device using the adb shell and gdbserver. I receive the following error when i place a breakpoint in a program using gdb and continue ...

Stack Exchange Network

Questions tagged [research]

If I'm creating malicious software for research/educational purposes, how do I avoid my account being banned?

A paper about putting formally proven secure "fake" vulnerabilities into your software to waste malicious actors' time

Prevention of User Tampering the API by Serverless clients which are in sync with the real world client

Get in depth information about vulnerability from a CVE

Are there HTTP/2 specific attacks different from request smuggling?

How to encode a public key in PKCS#8?

Why are there more research papers on Android malware than iOS malware?

How do malware analysts know when malware is state-sponsored? [duplicate]

Is a crash always exploitable for RCE?

Security Controls Categorization [closed]

FYP ideas in Applications of Machine Learning in Cyber Security domain [closed]

Ring -3 exploits and existence of other rings

OAuth access token/API key patterns for large web sites

What is an IT Artefact

Android Debugging: Error accessing memory address [closed]

Hot Network Questions