Hosting EDUCATIONAL Phishing Site - hosting

Is there any place where I can legally host a phishing site for educational purposes? I need to for my Information Security course project. I've hosted it on Firebase and Github but they've both been taken down. Any hosting sites that will allow this?
Tried hosting on Firebase and Github, got removed and flagged

Related

error on web browser 'Website not secure'

I have a application hosted when I visit the site www.mysite.co.uk
Im getting Website Not Secure. Obviously this doesnot look good if users are accessing the site. How Can I fix this?
My application is hosted on heroku
I have added my domain to heroku:
Domain -> www.mysite.co.uk
DNS -> www.mysite.co.uk.herokudns.com
ACM Staus:OK
Heroku also gives me info that "Your app can be found
at https://www.mysite.co.uk"
And heroku manages the SSL certificate automatically.
The domain however is managed by gandhi.net
And I have configured the DNS to:
www CNAME 10800 www.mysite.co.uk.herokudns.com.
That is the responsibility of the one who offers the domain, because they are the ones who have the servers, in the browsers it appears that it is not safe because they do not have the necessary security certificates to be considered a "secure site".
If the hosting provider tells you that you have to install it, you should ask them how to do it

Are heroku apps anonymous?

If I have made 2 different heroku apps, can someone who randomly sees one also find the other and know that I made it? (They are not linking to each other of course)
Thanks!
If you look at Heroku Website you will notice that it is a deployment service for developers equipped with all required tools. On Heroku there is no way to find who is registered with Heroku or list of registered apps on Heroku just like Github.
So Github has a different service model, and we can easily search any repo, any author (if public). On Heroku there is no area or option to search like that.
Except that, if you are using Heroku for free and their free domain, then the prefix in start of your free domain name will let others know that you are using Heroku platform (with free package or have not configured real domain yet).
Twilio a famous SMS API service provider, has their chat service hosted on Heroku, they didn't configured the domain, hence I noticed Herokuapp in start of their chat window URL, which let me know that they are using Heroku.

Deploying a Phoenix app to Heroku using CloudFlare

I started developing my personal blog (and a basic CMS) using Phoenix.
I successfully deployed it to Heroku following the Documentation/Guides, it's live.
Now I added my custom domain "jonathansoifer.com" to the Heroku App but everytime I access it, the URL on the browser switches from that custom domain to the "Heroku app URL" (jonathansoifer.herokuapp.com).
Am I missing something?
It might be useful to know that the DNS is being managed by CloudFlare, using CNAME flattening as recommended by CloudFlare itself.
CNAME • jonathansoifer.com • jonathansoifer.com.herokudns.com
Sure enough, the issue was within config/prod.exs.
I had hard coded the Heroku URL there in order to take advantage of Heroku's free SSL when using their subdomains.

Do I have to publish my project in order for it to work with any enterprise (Google Apps for work) accounts?

I am implementing an integration with Google Drive, which is to show a user's Drive files on our own website (after a 3-legged OAuth2 authorization).
So it is not a webapp that you will connect to the Google Drive UI, and thus I don't see the need to publish it in Apps Marketplace.
My project is created with my personal (free) account on console.developers.google.com,
and I'd like to confirm here: if not published, will it still work with any types of accounts, especially with enterprise accounts(e.g. Google Apps for Work)?
It does not need to be published as long as the domain administrator has not disabled Drive Apps. If a domain admin has disabled Drive Apps, I believe publishing to the Google Apps Marketplace is required so that the domain admin can install the App for all domain users.

How to get digest-authentication working on Team Foundation (2008) Project Portal sites

I am just starting out with Team Foundation Server 2008, and one of the hangups I've experienced is the following:
I create a new Team Project, as well as a Project Portal (which I believe is just a Sharepoint site). When I go to view the project portal in the browser, it prompts me for a username and password. I want it to use digest authentication (meaning it just uses my current domain credentials). I have this working on the Team Foundation site itself, but I cannot seem to get it working at all on the Project Portal sites that TFS creates for me.
Any thoughts? I've already attempted to set digest authentication on the Default Website as well as the Sharepoint Central Administration (v3) site, both of which did not fix my problem.
EDIT: I am running this on Windows Server 2003.
Check whether the pool account running the TFS sites is in your domain.
Your host may also not be in the 'Safe sites' / 'Intranet Zone' config in Internet Explorer, you can make it a trusted site and mark in the advanced options to send username and password.

Resources