Tech StackThe software that powers this store is all open-source software.
- ASP.NET MVC by way of Apache/mod_mono - API and web front-end
- Ubuntu Linux - operating system
- PostgreSQL - database
- NHibernate - ORM
- RabbitMQ - communication
- Redis - manage session tokens
- Let's Encrypt - SSL certificates
- Tarsnap - daily backups
- Metasploit Framework
We use a strong work factor of 10 to hash passwords with the bcrypt hashing algorithm. Security was the first consideration when designing the whole system. Products and session identifiers are stored separately from the general system database, so any compromise of the database would require password hash cracking to take over any accounts. Currently, the only two-factor authentication support is by logging in with a two-factor enabled Twitter account, but we are actively looking to fix this.
VolatileMinds never sees or stores your credit card number. We use Stripe as our payment gateway which handles 100% of the payments. We have no ads, social media, or pixel trackers, and we do not sell the little information we ask for. All we care about is providing the best Metasploit modules we can to those who need to test for vulnerabilities and verify patches.
If you happen to find a bug or security vulnerability in the VolatileMinds plugin, modules, or supporting systems, please report it to firstname.lastname@example.org. We will provide full attribution when appropriate and desired. Monetary imbursement could even be in order, depending on severity. Security is our first priority.