Problem: There is no way to show SSL certificate in Safari on iOS. Reason: It seems to be by design. Solution: Use Chrome for iOS. Note: You can view SSL certificate on https://www.digicert.com/help or other SSL diagnostics services, only …

There is no way to show SSL certificate in Safari on iOS

(A) Use "netsh trace" command pros: You can use it in isolated network. cons: You should convert the captured file with Microsoft Message Analyzer if you want to see packets with Wireshark. (You can also view the packets with Microsoft Mes…

How to capture network packet without additional software in Windows

Context When you try to attack to OAuth2 Authorization Code Flow with CSRF (See RFC 6749 "10.12. Cross-Site Request Forgery"), you have to pause before redirect in order to get redirection URI, because the redirection URI is unique and wil…

Pause before HTTP redirect (302) and get redirection URI with Chrome developer tools

In Japan, so many companies have their own security policy like "When you send email with attachments, you must zip all the attachments with password, and send the password in another email". Some say this policy is pointless, but on the o…

Who does recommend to encrypt the attachments in email

Purpose of account lockout These are some purpose for account lockout, such as: Detect login attempts 1 Example: Logging 2 Slow down login attempts Example: Duration-based lockout, scrypt, Argon2 Interrupt login attempts Example: Requires …

What can you do with account lockout and its unlock