All Pages (By Popularity)
This is a list of all pages on this web site, sorted on the amount of upvotes and downvotes visitors have given them. Please upvote the pages you like and downvote the ones you don't.
12240
|
Online x86 / x64 Assembler
Assemble x86 and x64 code in your browser!
|
7696
|
Big Number Calculator
A tool for calculating with huge numbers.
|
2366
|
PIE Bin
A pastebin with both client-side and server-side encryption.
|
1546
|
Online Hash Calculator
A tool for computing hashes (MD5, SHA1, SHA2, etc.) of text and files.
|
1495
|
Timing Side Channel Port Scanner in the Browser
How web pages can use a timing side channel to "scan" your local network.
|
1376
|
Password Policy Hall of Shame
A list of web sites that store passwords in plain text, restrict password length, or restrict password characters
|
1294
|
PBKDF2 for PHP
A fast implementation of the PBKDF2 key stretching function in PHP.
|
1251
|
EncFS Security Audit
The results of an EncFS security audit.
|
961
|
TRENT - Trusted Random Entropy
A free trusted third party random number generator.
|
711
|
Hashes of TrueCrypt Version 7.1a Files
Hashes of all files from the last version of TrueCrypt
|
694
|
How do we model this robot?
The difference between Computational Ability and Informational Ability
|
661
|
HTML Escape Tool
A tool for HTML-escaping text so that it looks and behaves exactly like it does in a text editor.
|
626
|
Blind Birthday Attack
A birthday attack without knowing what the collision actually is.
|
610
|
Encryption - CBC Mode IV: Secret or Not?
Should the IV in CBC mode be kept secret?
|
560
|
Honestyware
A philosophy for selling software and other digital content on the internet.
|
492
|
Bochs Disk Images
Disk images for the Bochs x86 emulator.
|
486
|
Backup Verifier Script (Ruby)
A Ruby script that compares two directories and reports the differences.
|
486
|
Reading List
A list of the books I have read.
|
481
|
Is Security Local?
Is security a locally-verifiable property of computation?
|
476
|
TrueCrypt's Plausible Deniability is Theoretically Useless
Why you really ought to have a hidden volume, even if you don't need one.
|
475
|
My Vim Configuration
My configuration of the Vim text and code editor.
|
465
|
Encrypting One Time Passwords (EOTP)
EOTP is a cryptographic One Time Password (OTP) protocol designed to provide a static encryption key across login sessions.
|
452
|
High-Security Offline Password Generator
A secure random password generator for Windows, Linux, and Mac.
|
436
|
eCryptfs Security Audit
The results of an eCryptfs security audit.
|
431
|
The PUP Confusion Technique
Undetecting malware by making it look like a Potentially Unwanted Program (PUP).
|
423
|
Advice to Aspiring Computer Security Engineers/Scientists
Some advice for new computer science students based on my experience.
|
419
|
ZeroBin Security Audit
A security audit of the ZeroBin pastebin.
|
415
|
HelloWorld! - A Light & Secure CDS for PHP
A lightweight, ultra-secure, CMS/CDS for PHP
|
407
|
Using the Vim Editor for Syntax Highlighting in PHP
Generate syntax-highlighted code automatically in PHP with Vim.
|
405
|
Asus G Series Keyboard Design Error
Fixing a problem with the keyboard in an ASUS laptop.
|
348
|
Practical Race Condition Vulnerabilities in Web Applications
An example of a web application (PHP) vulnerable to a race condition, and how to fix it.
|
339
|
Web Browser Cryptography is a Good Thing
Why we should support the development of browser-based crypto applications.
|
326
|
GnuTLS Pre-Shared Key Client-Server Example
How to establish an SSL/TLS connection with GnuTLS and PSK authentication.
|
312
|
Insane Password Restrictions
Why do some websites enforce a maximum password length? Why aren't certain characters allowed?
|
305
|
"Privacy Aware" Unique Hit Counter for PHP
A simple hit counter that stores only a hash of your visitor's IP address.
|
286
|
Exploiting C++ VTABLES: Instance Replacement
Use a memory corruption vulnerability to change an instance of class A into an instance of class B.
|
269
|
FLUSH+RELOAD: Multi-User Systems are Doomed
The FLUSH+RELOAD side-channel attack breaks the security of multi-user systems.
|
266
|
Email Spoofing in Ruby
A Ruby script for spoofing email to SMTP servers.
|
259
|
Data Flow in Web Applications
A look at the flow of data in web applications and how it can be tamed for security.
|
259
|
Writing Tips
Short tips to make your writing better.
|
246
|
Cracking Synergy's Bad Cryptography
A tool to crack Synergy's homebrew cryptography.
|
244
|
Centripetal Acceleration
Deriving the centripetal acceleration equation.
|
237
|
Password Hashing After the PHC
Giving authenticators an advantage over password crackers with cache.
|
234
|
Triangle of Secure Code Delivery
Three properties necessary and sufficient for delivering code safely.
|
215
|
Centralization is Killing Bitcoin
An article on Bitcoin, centralization, and DDoS attacks.
|
199
|
How to Encrypt Data in PHP
The right way to encrypt data in PHP.
|
198
|
Forcing HTML/CSS Background Color to Print
How to force browsers to print the background color of HTML elements (using images).
|
168
|
The Cheese Universe Paradox
A formal proof that the universe is made entirely of cheese.
|
166
|
Bochs Hacking Guide
Hacking the Bochs x86 CPU emulator.
|
143
|
Sockstress DoS Tool
A public domain C implementation of the sockstress DoS attack.
|
138
|
The New York Times and Algebra
The New York Times does not (necessarily) fail at algebra.
|
116
|
A Manual Random Number Generator
Generating random numbers with paper coins.
|
115
|
Hash0 Security Audit
A security audit of the Hash0 pastebin.
|
106
|
Mitigating BREACH in PHP
PHP code for mitigating the BREACH attack.
|
105
|
Salted Hash Cracking PHP Script
A script for cracking hashes when all you have is PHP.
|
72
|
PEFS Security Audit
Security audit of the Private Encrypted File System (PEFS).
|
42
|
Confirmed: Microsoft Visits Links You Send In Skype
I sent a link through Skype and Microsoft visted it, confirming The H's claims.
|
38
|
Send a Message to the Future
Save a message that will become readable after quantum computers are built.
|
33
|
Concentration Bounds from Parallel Repetition Theorems
My master's thesis, showing how concentration bounds can be derived from parallel repetition theorems for nonlocal games and interactive proofs.
|
20
|
Gocryptfs Security Audit
A security audit of the gocryptfs encrypted filesystem.
|
11
|
A Plausible Reason It's So Hard To Prove P!=NP
Attempting to show why P!=NP is hard to prove using hash functions.
|
0
|
Gocryptfs Security Audit
A security audit of the gocryptfs encrypted filesystem.
|
-3
|
A Simple Proof of Gödel's Second Incompleteness Theorem Using Turing Machines
Proving Gödel's second incompleteness theorem in a way that should be understandable to anyone who understands the proof that the halting problem is undecidable.
|
-15
|
Side-Channel Attacks on Everyday Applications
My Black Hat USA 2016 talk about the Flush+Reload side channel.
|
-20
|
File System Events Leak Folder Contents
An information disclosure vulnerability in Windows shared folders that lets you see what's in folers you can't access.
|
-114
|
Combat in X-Plane 10
How to configure X-Plane 10 for combat.
|
|
Generating Random Passwords in PHP
How to generate unbiased passwords in PHP (plus some common mistakes).
|