Pinned Repositories
_production-quality_dtls-tesla
apollo-server-updates
🌍 Spec-compliant and production-ready JavaScript GraphQL server that lets you develop in a schema-first way. Built for Express, Connect, Hapi, Koa, and more.
Awesome-Fuzzing
A curated list of fuzzing resources (books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on) for learning fuzzing and the initial phases of exploit development, like root cause analysis.
Bash-Shell-Scripts
cayman
Cayman is a Jekyll theme for GitHub Pages
CrackQL
CrackQL is a GraphQL password brute-force and fuzzing utility.
DVWA
Damn Vulnerable Web Application (DVWA)
graphql-validation-complexity
Query complexity validation for GraphQL.js
PRNG-Beacon-using-Blockchain
Public randomness is a critical component in many (distributed) protocols. Generating public randomness is hard when there is no trusted party, and active adversaries may behave dishonestly to bias the randomness toward their advantage. Our goal is to provide continuous public randomness using Blockchain as a source of entropy and also leveraging the randomness provided by multiple volunteer users (delegates) to mitigate the biasing attacks. The main challenges of using multiple delegates are (i) efficiency, in terms of financial and communication cost, and (ii) fairness: delegates may abort rather than reveal their randomness in order to bias the result. We consider two threat models in this project, where (i) delegates are independent of the miners and (ii) cheating delegates can collude with miners. We modify one of the existing schemes (Yajam et al.), which is based on the Pedersen threshold cryptosystem, to reduce the number of honest parties needed and the communication cost to guarantee unbiased beacon service in both threat models. We require at least two honest parties in the system. Using Ethereum smart contracts, we will implement our proposed schemes and also the Yajam et al. scheme and compare them in terms of the communication and computation complexity, gas consumption and transaction cost. We will also argue about the security and the trade-offs of reducing the number of honest parties in our schemes.
RTT-UDP-Connection
simpyparveen's Repositories
simpyparveen/PRNG-Beacon-using-Blockchain
Public randomness is a critical component in many (distributed) protocols. Generating public randomness is hard when there is no trusted party, and active adversaries may behave dishonestly to bias the randomness toward their advantage. Our goal is to provide continuous public randomness using Blockchain as a source of entropy and also leveraging the randomness provided by multiple volunteer users (delegates) to mitigate the biasing attacks. The main challenges of using multiple delegates are (i) efficiency, in terms of financial and communication cost, and (ii) fairness: delegates may abort rather than reveal their randomness in order to bias the result. We consider two threat models in this project, where (i) delegates are independent of the miners and (ii) cheating delegates can collude with miners. We modify one of the existing schemes (Yajam et al.), which is based on the Pedersen threshold cryptosystem, to reduce the number of honest parties needed and the communication cost to guarantee unbiased beacon service in both threat models. We require at least two honest parties in the system. Using Ethereum smart contracts, we will implement our proposed schemes and also the Yajam et al. scheme and compare them in terms of the communication and computation complexity, gas consumption and transaction cost. We will also argue about the security and the trade-offs of reducing the number of honest parties in our schemes.
simpyparveen/Bash-Shell-Scripts
simpyparveen/CrackQL
CrackQL is a GraphQL password brute-force and fuzzing utility.
simpyparveen/DVWA
Damn Vulnerable Web Application (DVWA)
simpyparveen/_production-quality_dtls-tesla
simpyparveen/apollo-server-updates
🌍 Spec-compliant and production-ready JavaScript GraphQL server that lets you develop in a schema-first way. Built for Express, Connect, Hapi, Koa, and more.
simpyparveen/Awesome-Fuzzing
A curated list of fuzzing resources (books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on) for learning fuzzing and the initial phases of exploit development, like root cause analysis.
simpyparveen/cayman
Cayman is a Jekyll theme for GitHub Pages
simpyparveen/cheerp-newlib
A cheerp enabled libc implementation
simpyparveen/Cirq
A Python framework for creating, editing, and invoking Noisy Intermediate Scale Quantum (NISQ) circuits.
simpyparveen/DTLS-TESLA-ECDSA-Frag
simpyparveen/GC2021-PQDTLS
simpyparveen/graphql-validation-complexity
Query complexity validation for GraphQL.js
simpyparveen/GetRandom
simpyparveen/graphql-armor
🛡️ The missing GraphQL security layer for Apollo GraphQL and Yoga / Envelop servers 🛡️
simpyparveen/hash-sigs
A full-featured implementation of the LMS and HSS Hash Based Signature Schemes from draft-mcgrew-hash-sigs-07.
simpyparveen/Image-Encryption-and-Decryption-using-AES-algorithm
simpyparveen/K2SN-MSS
simpyparveen/markdown-preview-enhanced
One of the 'BEST' markdown preview extensions for Atom editor!
simpyparveen/matrixssl
Lightweight Embedded SSL/TLS Implementation for IoT Devices
simpyparveen/Offensivesecurity-Checklists
Checklists for Testing Security environment
simpyparveen/pentest-wiki
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
simpyparveen/PQ-DTLS-thesis
simpyparveen/sample-website
simpyparveen/securityblog
simpyparveen/SecurityExplained
SecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.
simpyparveen/simpyparveen.github.io
simpyparveen/Space-Devs
SpaceX GraphQL API
simpyparveen/Testing-SCTP
Testing SCTP for one-to-many
simpyparveen/TinyDTLS
Tinydtls is a library for Datagram Transport Layer Security (DTLS) covering both the client and the server state machine. It is implemented in C and provides support for the mandatory cipher suites and basic support for DTLS with pre-shared key mode. This DTLS implementation for Contiki OS supports only the TLS_PSK_WITH_AES_128_CCM_8 cipher suite (described in draft-mcgrew-tls-aes-ccm-04). This code uses the SHA2 algorithm to implement SHA-256, SHA-384 and SHA-512.