⚠️ Pracivo Security Lab — Cryptography vulnerabilities: ECB penguin attack, padding oracle, weak ciphers, SSL/TLS misconfig, JWT cracking.
Weak Cipher Demonstration
WEAK ENCRYPTION
# Real-world weak cipher findings:
# - md5(password) as "encryption" for stored passwords
# - base64 encoded JWT with alg:none
# - XOR "obfuscation" in malware that's trivially reversible
# - DES (56-bit key — brute forced in 22 hours, 1998)
# - RC4 (used in WEP WiFi, broken in seconds with enough traffic)
# - MD5 collisions (two files with same hash — SHA-256 instead)
# Tools for classical cipher analysis:
# - quipqiup.com (substitution cipher solver)
# - cryptii.com (cipher playground)
# - dcode.fr (100+ cipher types)