In cybersecurity data, URLs are likely to be adversary-controlled. Visiting them is therefore very bad, for two reasons:
- They could attempt to infect your machine.
- Your visit could tip the adversary off that the URL has been found, causing them to take it down and denying investigators evidence of what the adversary was up to.
This tool looks really great, and I'd love to use it, but unfortunately I can't until there's a global setting that guarantees no requests could possibly go to untrusted/adversary-controlled systems.
An in-between setting might be allowing it only after explicit approval per-URL. An even fancier variation would be to do what VSCode and others do, and allow the user to say "trust this domain" so someone could use the app in this restricted mode while still allowing auto-resolution of their company's own APIs.
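A sketch of the fetch gate this issue asks for, added here as an example; it is not code from the issue or from the project. The mode names, function names and the domains `example.com` / `evil.test` are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Hypothetical mode names for the three options discussed in the issue.
DENY_ALL, ASK_PER_URL, TRUST_DOMAINS = "deny_all", "ask_per_url", "trust_domains"


def _host(url):
    """Return the normalized host of an http(s) URL, or None if unusable."""
    if any(c in url for c in "\\ \t\r\n"):
        return None  # backslashes/whitespace are parsed differently by clients
    try:
        parts = urlsplit(url)
        host = parts.hostname  # drops userinfo and port, lowercases
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not host:
        return None
    return host.rstrip(".") or None


def may_fetch(url, mode=DENY_ALL, trusted_domains=(), approved_urls=()):
    """Decide whether the app may request `url`. The default is never."""
    host = _host(url)
    if host is None or mode == DENY_ALL:
        return False
    if mode == ASK_PER_URL:
        # Only the exact URL string the user approved is allowed.
        return url in approved_urls
    if mode == TRUST_DOMAINS:
        for domain in trusted_domains:
            domain = domain.lower().strip(".")
            # Match the domain itself or a true subdomain (dot boundary),
            # so "evilexample.com" does not match "example.com".
            if domain and (host == domain or host.endswith("." + domain)):
                return True
    return False


if __name__ == "__main__":
    # Constructed sample URLs, checked against one trusted domain.
    for u in ("https://api.example.com/v1", "https://example.com@evil.test/",
              "https://example.com.evil.test/", "https://evilexample.com/"):
        print(u, may_fetch(u, TRUST_DOMAINS, trusted_domains=("example.com",)))
```

A gate like this only covers the first request: the caller also has to disable automatic redirects or re-check every hop, since a trusted host can redirect to an untrusted one.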