🚩 CTF Update – EthioCyberShield Showdown 🚩
Big shoutout to our team APT-04 💀🔥
We placed 6th overall on the EthioCyberShield Showdown CTF! 🏆
Proud of the grind we put in — even though I couldn’t make it for the last day’s Incident Response (IR) challenge, the squad held it down strong. 💪
This is just the start…Next time, podium finish 😤
#APT04 #CTF #CyberSecurity #EthioCyberShield #yekolotemari
@AfroSec
Big shoutout to our team APT-04 💀🔥
We placed 6th overall on the EthioCyberShield Showdown CTF! 🏆
Proud of the grind we put in — even though I couldn’t make it for the last day’s Incident Response (IR) challenge, the squad held it down strong. 💪
This is just the start…Next time, podium finish 😤
#APT04 #CTF #CyberSecurity #EthioCyberShield #yekolotemari
@AfroSec
⚡4🏆3
Forwarded from Bug Sphere
🇪🇹 Bug-Sphere Waitlist is Live!
A new hub for Ethiopia’s hackers, researchers, and security pros.
🔒 Designed for collaboration, fair rewards, and real impact in securing organizations.
🚀 Join the waitlist today and be part of the movement!
🔗 https://bug-sphere.com/waitlist
A new hub for Ethiopia’s hackers, researchers, and security pros.
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡1
Domain_Fronting.pdf
6.1 MB
Domain fronting is a technique used to hide the true destination of network traffic. It exploits how some protocols, like HTTPS, handle TLS (Transport Layer Security) and HTTP headers, particularly when interacting with content delivery networks (CDNs).
Example:
Firewalls, network monitors, or DPI (Deep Packet Inspection) only see the 'front' domain (the allowed one), while the real destination remains hidden.
Common uses:
I just read this PPT and it offers really good insights. I haven’t finished it yet, but I’m sure it’s worth reading.
@AfroSec
Example:
SNI: cdn.cloudflare.com (allowed)
HTTP Host header: malicious.example.com (your real server)
Firewalls, network monitors, or DPI (Deep Packet Inspection) only see the 'front' domain (the allowed one), while the real destination remains hidden.
Common uses:
1. Command & Control (C2) communication
2. Data exfiltration
I just read this PPT and it offers really good insights. I haven’t finished it yet, but I’m sure it’s worth reading.
@AfroSec
⚡3🔥2👌1
Forwarded from 𝘾𝙤𝙙𝙚 𝙉 𝘾𝙧𝙖𝙭 (𝗬𝗘𝗔𝗕𝗦𝗜𝗥𝗔)
Hey fams 👋 I’m Yeabsira, and I’m excited to share something I’ve been working on in Cybersecurity especially in Reverse Engineering!
🚀 REX – Reverse Engineering Automation Tool
A powerful tool built to automate static malware analysis and make reverse engineering faster and easier.
Key Features:
🔍 Automated static binary analysis
📊 File metadata, entropy, strings, sections
🖥️ Simple GUI + CLI support
⚡ Fast & lightweight – built in C and Python
🔒 Designed for educational and research purposes only, safe to use and explore.
Check it out here: 👉 GitHub | LinkedIn
🚀 REX – Reverse Engineering Automation Tool
A powerful tool built to automate static malware analysis and make reverse engineering faster and easier.
Key Features:
🔍 Automated static binary analysis
📊 File metadata, entropy, strings, sections
🖥️ Simple GUI + CLI support
⚡ Fast & lightweight – built in C and Python
🔒 Designed for educational and research purposes only, safe to use and explore.
Check it out here: 👉 GitHub | LinkedIn
🔥4❤2👏1