Collaborate Disseminate
I was reading this pdf and at slide number 23 and 24 I read "injected interception". What’s that means ?
in my mind it should be a type of interception that are made by injection. I mean I inject something (for example an image) … Continue reading What’s injected interception?
If a non-compromised device is connected to the internet via open Wi-Fi, anyone can view the traffic.
But if all the connections to the servers use a reasonably secure cryptographic protocol (such as a recent version of TLS), is the commun… Continue reading Are TLS v1.3 connections over open Wi-Fi secure?
I have a game, and I want to know its api request endpoints. But since it is encrypted, I need to get its key log file to decrypt it in wireshark. I tried to run my application with the command –ssl-key-log-file and it doesn’t dump any SS… Continue reading How to dump SSL key log for non-browser applications?
When someone tries to exploit a vulnerability either by sending traffic to the device directly or by making users click on malicious attachments, drive by exploits or other ways, is it possible you miss the initial attack vector even when … Continue reading Can you hide the initial exploit despite complete visibility into the network traffic?
My organization recently added F5 SSL Orchestrator to our network that ended up breaking one of our SSL certs. There is an explanation of how SSL Orchestrator works from F5 here. The description from F5 explains that encrypted SSL traffi… Continue reading How Does SSL Orchestrator Work?
TLS 1.3 is a large departure from TLS 1.2 in many ways. Relevant to this question are the fact that all TLS 1.3 ciphers provide Forward Secrecy — which means strategies used in TLS 1.2 and prior to decrypt TLS traffic passively must chang… Continue reading What strategies exist for decrypting and inspecting TLS 1.3 traffic?
I’m trying to intercept traffic from an Andriod app.
I’ve forwarded ports 80, 443, 6699 and 6698 on Kali to a listener port and set up arp-spoofing. I’m using BurpSuite on the same computer to listen and intercept (invisible proxy).
Certif… Continue reading Needing help intercepting local SSL traffic on a difficult Android app
I read recently about next generation firewalls that use deep-packet-inspection, intrusion-prevention and something the manufacturers call encrypted-traffic-inspection, encrypted-traffic-analytics.
The manufacturers claim the encrypted tra… Continue reading Nextgen firewalls – encrypted traffic inspection
I work in gov organization and recently I learned they set up a MITM, by installing some certificates – so when I visit any web site and then check the certificate info it shows the certificate installed by my organization.
My question is,… Continue reading Tor for confidentiality on corporate network
I tried to reverse engineer an apk app, and it was loading a native code. I have observed that the app was using the native code like this
public static String v = sUQWWyTBEs().toString().substring(32, 37);
the disassembled function sUQW… Continue reading what do these assembly code doing? [migrated]