Public Pentest Report Archives - 7ASecurity Blog

SecureDrop Security Audit by 7ASecurity

Admin — Tue, 29 Oct 2024 08:29:07 +0000

About SecureDrop SecureDrop is an open source whistleblower submission system that media organizations and NGOs can install to accept anonymous, secure documents from sources. It receives documents via the Tor network (a distributed network of relays that help protect users’ privacy), records only the date and time of the transfer, and enables recipients to view submissions in its …

The post SecureDrop Security Audit by 7ASecurity appeared first on 7ASecurity Blog.

7ASecurity Completes Disguiser Framework Audit

Admin — Wed, 06 Mar 2024 08:03:47 +0000

About Disguiser Disguiser is a novel framework that enables end-to-end measurement for accurately and comprehensively investigating global internet censorship practices. It’s challenging to conduct large-scale internet censorship measurement, as it involves triggering censors through artificial requests and identifying abnormalities from corresponding responses. Due to the lack of “ground truth” on the expected responses from legitimate services, …

The post 7ASecurity Completes Disguiser Framework Audit appeared first on 7ASecurity Blog.

DEfO-2 OpenSSL HPKE PR Security Audit

Admin — Wed, 06 Dec 2023 11:31:19 +0000

DEfO is developing an implementation of the Encrypted ClientHello (ECH) mechanism for OpenSSL. This effectively closes a privacy loophole in the Transport Layer Security protocol. Project Overview The DEfO project is developing an implementation of the encrypted ClientHello (ECH) mechanism for OpenSSL, which is a widely used library that provides an implementation of the Transport …

The post DEfO-2 OpenSSL HPKE PR Security Audit appeared first on 7ASecurity Blog.