Collaborate Disseminate
I was trying to do vulnerability testing to an android mobile banking app so to get the endpoints of the API I installed the app into android emulator and captured the requests with transparent proxy called PolarProxy (it’s very affective… Continue reading Is there is another ways to authenticate requests to remote server other than Client Certificates?
While testing any site using BurpSuite, if we send any request it will use BurpSuite HTTP "Proxying through BurpSuite" but still we are not fully anonymous, it will still use our original IPv4 address to send requests. So I tried… Continue reading Staying anonymous while using BurpSuite
I am working on this question which asks how you would conduct a scan of a target network to identify open service ports without revealing your IP address. It wants details such as IP address obfuscation, requirements to be met to receive … Continue reading How would you hide yourself whilst conducting a scan on a target network to identify open service ports?
I need to implement a web application consisting of the components
FE (Nginx + React.js)
BE (Java SpringBoot)
DB (MySQL)
For simplicity we will assume that the DB runs in localhost on BE’s machine.
From an architectural point of view, I … Continue reading Is there a real gain in terms of security by not using a reverse proxy?
Using the requests library, I am trying to make request to a url. I’ve set the target to the specific url and checked, "And URL Is in Target Scope" in both Request interception rules and Response Interception rules.
Here’s a snip… Continue reading Not able to see server response when making request using python
How to connect to VPN service on Android via its app if it’s restricted by state ISPs, but you’re able to connect via cloud VPS network outside the state
My idea is about concepts in general:
you have some Android 9+ device
you have some … Continue reading ISP-restricted VPN on Android
I see a lot of TCP connections in proxy logs in Splunk e.g. tcp://Google.com. I don’t understand if this is user activity or some file reaching out or some website connecting to Google.
For example: Twitter is blocked in our environment. H… Continue reading TCP connections in proxy logs in splunk [closed]
I have extra devices on my Wi-Fi that are not mine and I want to find out where these devices are. There are iPhones on my wifi that I know I haven’t connected.
I was told by a friend that my IP address is being used as a proxy. How can I … Continue reading How do I stop xfinity IP address from being used as a proxy [closed]
Currently I’m working with mitmproxy and intercepting some HTTPs traffic using it. Before I could use it in my browser, I had to trust the certificate via my OS settings. After that, the certificate was trusted by my machine and browser di… Continue reading Misuse of trusted certificate authority [duplicate]
Imagine the following imaginary scenarios:
In order to browse the Internet, users must go through a central web proxy. It is authenticated and can enforce rules about who can access which URLs or which file types are okay to download. At … Continue reading Central Web Proxy vs Endpoint Protection