Kaspersky experts explain the different types of cookies, how to configure them correctly, and how to protect yourself from session hijacking attacks.| Securelist
Ever wondered what the Alt-Svc response header is used for? Turns out it can be used to become a Man-in-the-Middle and attack TLS!| pspaul's blog
Welcome to 2019! As was noted, this will be the year of phishing automation. We've already seen a release of new reverse-proxy tool Modlishka and it is only January. This release would not have happened without the inspiration I received from Michele Orru (@antisnatchor), Giuseppe Trotta (@Giutro) and| BREAKDEV
Tis the season to be phishing! I've finally found some free time and managed to take a break to work on preparing a treat for all of you phishing enthusiasts out there. Just in time for the upcoming holiday season, I present you the chilly Evilginx update.| BREAKDEV
About 2 months ago, I've released Evilginx 2. Since then, a lot of you reported issues or wished for specific features. Your requests have been heard! I've finally managed to find some time during the weekend to address the most pressing matters.| BREAKDEV
Although a fix is available to patch vulnerabilities, the EV industry is slow in applying the updates.| Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
In the final article of this series, we extract TLS-protected messages from a time-tracking application, using both a TLS-intercepting proxy and Frida.| jreyesr's blog
It’s with immense pleasure that I announce the release of the second generation of bettercap, a complete reimplementation of the most complete and advanced Man-in-the-Middle attack framework. This release not only brings MITM attacks to the next level, but it aims to be the reference framework for network monitoring (we <3 blueteams too), 802.11, BLE attacks and more! :D ベッターキャップ!| evilsocket
It’s no secret I’ve been recently playing with the GPD Pocket 7, an ultra small laptop which can run GNU/Linux and has more than decent hardware. Tablets are cool and everything, but I’ve been a fan of ultra portable Linux devices since the Sharp Zaurus series. Considering that a lot of people were interested I decided to write this post to share my impressions, installation procedure and configuration tips.| evilsocket
Yesterday I released version 1.6.1 of bettercap and among other things, you can read in the changelog: * Huge improvement on HTTPS parser, now it parses TLS Client Hello messages with SNI extension in order to extract the real hostname. ... But what does this actually mean? And how can we protect ourselves from it? (Hint: we can’t, yet)| evilsocket
Published on| offsec.almond.consulting
Avast discovered and analyzed GuptiMiner, a malware campaign hijacking an eScan antivirus update mechanism to distribute backdoors and coinminers.| Avast Threat Labs
First of all I recommend reading this blog post from Simone evilsocket Margaritelli that is – imho – one of the best comprehensive guides to Android applications reversing, of which network analysis is just a part. In my post I will present 3 different methods I used to understand the network behavior (the focus is …| Scubarda
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Squid can be configured to make SSL/TLS inspection (aka HTTPS interception) so the proxy can decrypt proxied traffic (Squid calls this feature ssl bump). Afaik the Squid package included in the Linux distros is not compiled with SSL/TLS inspection support but …| Scubarda
At the end of last month, McAfee published a fix for a remote code execution vulnerability in its Security Scan Plus software. Beyond Security, who we worked with for vulnerability coordination published the details of the issue and our PoC exploit on their blog. While the vulnerability itself got some attention due to its frightening simplicity, this is not the first time SSP contained similarly dangerous problems, and it’s certainly not the last. In this post, I’d like to share some add...| Silent Signal Techblog
Update: It was pointed out to us that the word ‘wide-spread’ below is misleading since the cumulative exit probability of those nodes was probably below .5%. What we wanted to say instead is that the number of domains affected was large, when a bad exit was involved.| tech.immerda.ch
Evilginx becomes a relay between the real website and the phished user. Phished user interacts with the real website, while Evilginx captures all the data.| BREAKDEV
"Gone Phishing" 2.4 update to your favorite phishing framework is here. May the phishing season begin!| BREAKDEV