Collaborate Disseminate
In my organization we have a cloud proxy that work on a loopback address. The vendor of this proxy has deployed an app on our machine which listens on the loopback address.
I have captured the apps traffic with Wireshark. … Continue reading SSL handshake not visible in Wireshark
Beware! Billion of Android users can easily be tricked into changing their devices’ critical network settings with just an SMS-based phishing attack.
Whenever you insert a new SIM in your phone and connects to your cellular network for the very first … Continue reading Just An SMS Could Let Remote Attackers Access All Your Emails, Experts Warn
As per my understanding, after the TCP three-way handshake we send a TLS ClientHello which has the SNI field in clear text and anyone can see which website I am trying to connect to.
Isn’t it a threat that anyone can see my … Continue reading Is this a threat if website to connect to is in clear in the TLS SNI extension or when using an HTTP proxy?
As per my understanding, after the TCP three-way handshake we send a TLS ClientHello which has the SNI field in clear text and anyone can see which website I am trying to connect to.
Isn’t it a threat that anyone can see my … Continue reading Is this a threat if website to connect to is in clear in the TLS SNI extension or when using an HTTP proxy?
This question already has an answer here:
I have a mobile app that queries various 3rd party API/sites (these are https links). I have a concern that SSL proxies (e.g. Charles) can be used to intercept the traffic – man in the middle.
Are there any instances that charles would not ables to read the traffic?
It seems crazy to me that something basic like SSL proxy can undermine a well used technology – TLS.
What are my options to mitigate against a SSL proxy decrypting the traffic and possibly seeing sensitive information?
Would Public key pinning be a possible mitigation ? Anything else?
I am considering using URL rewrites in kubernetes nginx proxy to publish selected context paths in microservices which are run in a cluster running internal services. For example
https://public.mycompany.com/microserviceone/api/v4/resourc… Continue reading URL rewrite spoofable
I wanted to test the Expect-CT security header. So I searched for sites and found that LinkedIn uses the Expect-CT header:
Expect-CT: max-age=86400, report-uri=”https://www.linkedin.com/platform-telemetry/ct”
I configured… Continue reading Why isn’t an Expect-CT violation report sent when I use a certificate generated with Burp Suite?
To sniff HTTP/HTTPS traffic, I want to set up a fake DNS server using dnschef and have my router forward all DNS traffic on my LAN to my attack machine running mitmproxy.
Let’s say my attack machine is a parrot security box … Continue reading Fake DNS with mtmproxy on LAN? [on hold]
CORS Anywhere helps with accessing data from other websites that is normally forbidden by the Same origin policy of Web browsers.
Can CORS Anywhere be used to bypass CSRF protection?
Reason to ask the question here:
Si… Continue reading CORS Anywhere to bypass CSRF protection
Following this post, outgoing traffic will go through the proxy only if the requesting app knows the proxy url, if it doesn’t then sending the request out of the LAN is denied by the proxy.
In this case it’s like the app say… Continue reading Why do we have to specify HTTP proxy specs when inside a LAN that is behind a proxy server?