Collaborate Disseminate
Unlike a NAT gateway, a HTTP proxy have a fixed ingress port, that is, all HTTP clients will connect to a HTTP proxy via the same port. In this case, if there are two clients both requested the same domain through the same proxy, how would… Continue reading Does a HTTP proxy assign a fixed egress port to a client, and if so, for how long?
Let’s assume:
I have a piece of software (with a webUI) that has access to a USB device.
The software itself can’t be changed.
The software has the ability to perform a firmware flash on the USB device, also remotely when uploaded through… Continue reading Is it possible to proxy USB and disconnect when a certain sequence is intercepted before it is (fully) passed to the real USB device?
I’m trying to figure out the best approach for handling external requests. I am working on a system where the application is currently sitting outside (DMZ) and the DB is inside. The specific port required for DB access has been opened fro… Continue reading Ideal system architecture for sensitive data access through DMZ
I would like to use mitm transparent mode with wireguard
So I tried this
mitmweb –mode wireguard 0 (3.656s) < 19:02:30
[19:02:32.784] ——… Continue reading mitmproxy with wireguard to log all network traffic on my machine (arch linux): SERVAIL Recursive question
Every device Bob connects to the WiFi gets infected with malware that records his screen and livestreams it to Alice, further if Alice dislikes what Bob is doing she cuts off the WiFi. Now Bob has a laptop X which faces the internet and an… Continue reading Avoiding Screen Detection [closed]
For some time now, Apple has developed a reputation for manufacturing computers and phones that are not particularly repairable or upgradable. While this reputation is somewhat deserved, especially in recent …read more Continue reading Access the Information Superhighway With a Mac Plus
I am trying to exploit a vulnerability in tomcat based on CVE-2020-13935.
I found online this interesting poc https://blog.redteam-pentesting.de/2020/websocket-vulnerability-tomcat/
In my case, the tomcat server is exposed through a revers… Continue reading can a tomcat application sitting behind a reverse proxy be exploited
I have difficulties understanding socks5 proxies.
I would like to know if I can avoid socks5 proxies seeing the traffic between the client and destination. I would like to achieve something similar to http CONNECT where the client and the … Continue reading Can socks5 proxies work similiar to http connect?
Question
Proxy server that restricted specific IPs to specific domains. I can bypass theses blocked websites by setup my own local proxy server while using the above proxy server as upstream. What happened? Why it worked?
Context:
In my c… Continue reading bypass upstream proxy’s forbidden website by set up local proxy, why it works?
Is this a good approach to preventing the leakage of secrets?
Say I had a simple setup where Alice holds the secret to access Bob, and Charlie has basic shell access to Alice (with a different auth method). Charlie echoing "$BOB_SECRE… Continue reading Intercept calls to authenticated 3rd-party APIs, to automatically add auth keys?