Highest Voted 'domain' Questions - IT Security Stack Exchange

0

votes

2 answers

allowing users to add custom html/js code and show it only under another domain

I have a web app where I allow users to create a one-page portfolio using drag and drop, also I allow them to add custom HTML freely (basically any html or js code) I'm aware that I shouldn't allow the custom HTML to be executed while they are in…

secure-coding domain saas

asked Nov 26 '20 at 14:43

medBouzid

129
3

0

votes

1 answer

Is an IP not being redirected to it's associated domain considered unsecure?

I've got a server that has domain and an SSL Certificate issued to that domain. It's expected behavior that when an IP address is browsed, it redirects to the domain name of the server and the SSL Certificate is valid. e.g: https://ip =>…

tls certificates ip domain

asked Oct 27 '20 at 02:49

Crashie

23
4

0

votes

1 answer

.local domain any possible ways in getting the extension

I was recently working on Broken link Hijacking and found a link in a target which reflected on multiple pages. It was portal.REDACTED.local which was not accessible and returned response as bad host. So I never saw a extension that has .local so I…

network penetration-test domain

asked Oct 17 '20 at 18:12

None_None

45
5

0

votes

1 answer

What is the list of known host domains where subdomains come from different providers?

I recall that there is a list of hosting domains that are known to have subdomains from different sources, as for example wix.com and appspot.com, built into browsers. For such domains, subdomains do not inherit trust from the domain. I forget the…

web-browser domain

asked Sep 03 '20 at 12:12

Joshua Fox

239
1
10

0

votes

1 answer

Why can I still receive email at my old domain after someone else bought it?

My domain expired years ago and was registered by another party. I have already read Can someone read my E-Mail if I lose ownership of my domain? and see that the answer is yes. Now if someone buys the domain and creates a mx record pointing to the…

email dns web-hosting domain registration

asked Jun 23 '20 at 17:32

teauxfu

3
2

0

votes

1 answer

Cookie domain security

Recently, I started diving into cookies, but as far as the domain property is concerned I don't think it is straightforward. I read this…

cookies domain sub-domain

asked May 15 '20 at 23:38

Maikkeyy

187
7

0

votes

1 answer

Point domain to IP address on Cobalt Strike

On Cobalt Strike how do I point a domain (in this case a subdomain) to the IP address to create a listener?

domain

asked May 04 '20 at 23:40

little_stacker

9
1

0

votes

0 answers

Risks associated with developers using their own domain for development services

We have some development and test environments using our canonical domain, e.g. dev.example.com. We also use some services from 3rd party providers that have obscure URLs like xjkhasdkjvhas.dns.ashdfb.3rdparty.io. The canonical domain is maintained…

dns-domain domain

asked Dec 05 '19 at 04:02

DLT

1
1

0

votes

0 answers

Is one top level domain more inherently secure than another?

There's an interesting discussion going on at work right now. Someone wants to move their app off a .com domain and put it on a .net domain. They contend a .net domain can provide the level of security which the .com domain was not able to…

domain

asked Nov 20 '19 at 15:21

MGoBlue93

185
7

0

votes

1 answer

Universal DNS Resolver

I would like to implement a DNS client which should be able to resolve any valid domain public, private or otherwise (tor,i2p). What's the best way to achieve this? I know that I need to pick a particular DNS server based on the TLD, for e.g, in…

dns ip python dns-domain domain

asked Oct 21 '19 at 12:38

jamie

3
2

0

votes

1 answer

One domain using certificate of other domain

I recently Googled a website e.g A.com and found B.com in search result at the top. In reality A.com should be on top as B.com doesn't have anything in common or related to A.com but Google shows it in search result at top. In fact all meta tags /…

tls-intercept domain

asked Jun 04 '19 at 19:11

Alkemi

3
1

0

votes

1 answer

Subdomain api.domain.com - more vunerable to attacks?

I am in the process of setting up an api which will have the subdomain "api.", I have been advised to change this to something "less obvious" to avoid automated attacks against it. I can't find any advice on naming subdomains to avoid attacks and…

api domain

asked Mar 21 '19 at 08:43

Mike

25
4

0

votes

2 answers

how one can find out sub-domains of a domain without brute-force?

I had to edit my original question after several answers were submitted. Original question was: how one can find out sub-domains of a domain without brute-force? is there a way to request a domain hosting provider or a name server for…

domain

asked Mar 06 '19 at 18:08

user188145

9
3

0

votes

2 answers

How to check if a list of domains contains any WordPress installation?

Does any software or any other way to detect if a website contains any WordPress installation? For example lets say we have the website example.com which is not a WordPress site, but we have a WordPress site in the path example.com/blog and…

wordpress burp-suite web-hosting domain nessus

asked Jan 30 '19 at 00:32

chrysst

157
4

0

votes

1 answer

Benign, Malicious Domains and Definitions

I am working on a research project where we segregate domains used for malicious purpose from benign domains. However, my guide does not want the term malicious domain and benign domain in the paper. This is because, according to him, a domain in…

terminology domain

asked Aug 18 '18 at 19:46

Jishan

193
8

Questions tagged [domain]