Sarah Jamie Lewis
Sarah Jamie Lewis
A couple more, that I found last night: `branch_page_cross` should be +1 not +2 In CPU `step` the number of clock cycles returned needs to include the number of cycles...
I believe this prevents attacks where the attacker is able to steal or otherwise get the Proof Spec but not compromise the private key. For example, let's say we have...
I kind of agree. Assuming the server always generates a unique random cookie per session I cannot see an attack in which proof or protocol security is compromised by just...
Hi @nyarly - downgrade attacks tend to require a MITM posture to fully exploit, which is currently not possible with ricochet connections, with the onions providing end-to-end encryption. It is...
This looks good to me. I agree that the HTTP server direction feels like the right one. A couple of thoughts - in no particular order or priority: - Without...
Great Idea. Given the nature of the tool, the default should be any network connections use the Tor Proxy. Not sure where to capture these kind of things yet, probably...
+1 disable by default.
Currently OnionScan snapshots everything it finds for later processing, this means the database grows pretty big (for reference on larger onionscan scans I've had the database grow over 100GB) -...
Yes, The snapshot database stores a copy of every page that you visit - this is done to power the correlation engine and can be useful for post-processing of the...
Emails still need to be extract from: - HTTPS Certificates - Various SSH/SMTP/FTP Banners.