GymTok: Breaking TLS Using the Alt-Svc Header
Ever wondered what the Alt-Svc response header is used for? Turns out it can be used to become a Man-in-the-Middle and attack TLS!| pspaul's blog
misc, web / Casino| pspaul's blog
Last year, @swapgs and I found a fun bug in the popular enterprise VPN solution Zscaler. The VPN client used the pacparser library to decide which HTTP requests to proxied based on a PAC file.| pspaul's blog
Some time ago, while reading up on new CSS features, I asked myself: Is it possible to leak the entire content of an HTML text node only using CSS?| pspaul's blog
Ever wondered what the Alt-Svc response header is used for? Turns out it can be used to become a Man-in-the-Middle and attack TLS!| pspaul's blog
