Collaborate Disseminate
I’m trying to figure out the best approach for handling external requests. I am working on a system where the application is currently sitting outside (DMZ) and the DB is inside. The specific port required for DB access has been opened fro… Continue reading Ideal system architecture for sensitive data access through DMZ
I would like to use mitm transparent mode with wireguard
So I tried this
mitmweb –mode wireguard 0 (3.656s) < 19:02:30
[19:02:32.784] ——… Continue reading mitmproxy with wireguard to log all network traffic on my machine (arch linux): SERVAIL Recursive question
Every device Bob connects to the WiFi gets infected with malware that records his screen and livestreams it to Alice, further if Alice dislikes what Bob is doing she cuts off the WiFi. Now Bob has a laptop X which faces the internet and an… Continue reading Avoiding Screen Detection [closed]
For some time now, Apple has developed a reputation for manufacturing computers and phones that are not particularly repairable or upgradable. While this reputation is somewhat deserved, especially in recent …read more Continue reading Access the Information Superhighway With a Mac Plus
I am trying to exploit a vulnerability in tomcat based on CVE-2020-13935.
I found online this interesting poc https://blog.redteam-pentesting.de/2020/websocket-vulnerability-tomcat/
In my case, the tomcat server is exposed through a revers… Continue reading can a tomcat application sitting behind a reverse proxy be exploited
I have difficulties understanding socks5 proxies.
I would like to know if I can avoid socks5 proxies seeing the traffic between the client and destination. I would like to achieve something similar to http CONNECT where the client and the … Continue reading Can socks5 proxies work similiar to http connect?
Question
Proxy server that restricted specific IPs to specific domains. I can bypass theses blocked websites by setup my own local proxy server while using the above proxy server as upstream. What happened? Why it worked?
Context:
In my c… Continue reading bypass upstream proxy’s forbidden website by set up local proxy, why it works?
Is this a good approach to preventing the leakage of secrets?
Say I had a simple setup where Alice holds the secret to access Bob, and Charlie has basic shell access to Alice (with a different auth method). Charlie echoing "$BOB_SECRE… Continue reading Intercept calls to authenticated 3rd-party APIs, to automatically add auth keys?
I am a networking noob who is trying to understand stuff from the expert community here. Here is my issue, I have a Proxy client ABC installed in my PC and all my traffic is routed through this proxy on a normal fine day and I don’t have a… Continue reading What does installation of a VPN chrome extension do to the traffic from chrome
My website is served with TLS and does not use a (TLS-terminating) CDN. Is it still advisable to use Cache-Control: private for protected pages to account for (e.g. corporate) TLS termination proxies on the users‘ end (even though it is no… Continue reading Cache-control and TLS termination proxies