As part of general security good practices, you should always (whenever possible):
secure and http_onlyHSTS)In cryptography work, RC4 (Rivest Cipher 4) is well known as both one of the easiest to implement and fastest to run symmetric encryption algorithms. Unfortunately, over time there have been a number of attacks on RC4, both in poorly written protocols (such as in the case of WEP) or statistical attacks against the protocol itself.
Still, for how well it formed, it’s an amazingly simple algorithm, so I decided to try my hand at implementing it.
Cross-site request forgery attacks are among the most common vulnerabilities against websites, listed as number 8 on OWASP’s 2013 Top 10 list.
For a research project I’m working on, it has become necessary to scan potentially large IPv4 prefixes in order to find any DNS revolvers that I can and classify them as either open (accepting queries from anyone) or closed.
Disclaimer: This is a form of port scanning and thus has associated ethical and legal considerations. Use it at your own risk.
This project is available on GitHub: jpverkamp/dnsscan