Domain_Fronting.pdf
6.1 MB
Domain fronting is a technique used to hide the true destination of network traffic. It exploits how some protocols, like HTTPS, handle TLS (Transport Layer Security) and HTTP headers, particularly when interacting with content delivery networks (CDNs).
Example:
Firewalls, network monitors, or DPI (Deep Packet Inspection) only see the 'front' domain (the allowed one), while the real destination remains hidden.
Common uses:
I just read this PPT and it offers really good insights. I haven’t finished it yet, but I’m sure it’s worth reading.
@AfroSec
Example:
SNI: cdn.cloudflare.com (allowed)
HTTP Host header: malicious.example.com (your real server)
Firewalls, network monitors, or DPI (Deep Packet Inspection) only see the 'front' domain (the allowed one), while the real destination remains hidden.
Common uses:
1. Command & Control (C2) communication
2. Data exfiltration
I just read this PPT and it offers really good insights. I haven’t finished it yet, but I’m sure it’s worth reading.
@AfroSec
⚡3🔥2👌1
Forwarded from 𝘾𝙤𝙙𝙚 𝙉 𝘾𝙧𝙖𝙭 (𝗬𝗘𝗔𝗕𝗦𝗜𝗥𝗔)
Hey fams 👋 I’m Yeabsira, and I’m excited to share something I’ve been working on in Cybersecurity especially in Reverse Engineering!
🚀 REX – Reverse Engineering Automation Tool
A powerful tool built to automate static malware analysis and make reverse engineering faster and easier.
Key Features:
🔍 Automated static binary analysis
📊 File metadata, entropy, strings, sections
🖥️ Simple GUI + CLI support
⚡ Fast & lightweight – built in C and Python
🔒 Designed for educational and research purposes only, safe to use and explore.
Check it out here: 👉 GitHub | LinkedIn
🚀 REX – Reverse Engineering Automation Tool
A powerful tool built to automate static malware analysis and make reverse engineering faster and easier.
Key Features:
🔍 Automated static binary analysis
📊 File metadata, entropy, strings, sections
🖥️ Simple GUI + CLI support
⚡ Fast & lightweight – built in C and Python
🔒 Designed for educational and research purposes only, safe to use and explore.
Check it out here: 👉 GitHub | LinkedIn
🔥4❤2👏1
Forwarded from Android Security & Malware
Automating Android Component Testing with new APK Inspector tool
-What are exported components?
-Setup and testing APK Inspector
-Improve automation and execute ADB commands interactively
-Run it on Android
-What are Intent Redirection Vulnerabilities?
https://www.mobile-hacker.com/2025/09/18/automating-android-app-component-testing-with-new-apk-inspector/
-What are exported components?
-Setup and testing APK Inspector
-Improve automation and execute ADB commands interactively
-Run it on Android
-What are Intent Redirection Vulnerabilities?
https://www.mobile-hacker.com/2025/09/18/automating-android-app-component-testing-with-new-apk-inspector/
Mobile Hacker
Automating Android App Component Testing with New APK Inspector
If improperly secured, exported components become easy entry points for attackers to execute arbitrary code, access sensitive data, or manipulate the app’s behavior.
🔥4
Forwarded from Kal
Good morning, everyone 🥰. Just a reminder, the goal isn’t to compete with anyone else. It’s to live your best life and keep getting a little better every day. Don’t let anyone make you feel less than who you really are. Don't be busy in a none sense comparison and start focusing on yourself.
❤8💯5
Forwarded from Mira
umm... yap
If you take hacking as a profession, experimenting with MCP is one of the cooler things you can do right now. it gives you a structured, protocol-driven way to expose tools (nmap, Burp, gobuster, even your scripts) as providers an LLM can call in sequence. basically it turns a model into an orchestrator that can handle recon workflows end-to-end without you manually chaining pipes. lemme give you this simple scenario: the agent runs nmap on a target. it parses the ports. decides to run gobuster on the exposed web service. maybe passes results to your own recon script. and finally presents you a nice little summary instead of 9000 lines of stdout. because MCP enforces standardized interfaces, you can sandbox providers, log and audit tool calls, and even apply policy/guardrails at the protocol layer, which is huge for both red-teamers (think pivoting across networked MCP providers or poisoning context feeds) and blue-teamers (detecting malicious providers or restricting unsafe tool use). it's even plausible in places where the ecosystem’s still rough and docs are obscure. you can start local with OSS GPTs to prototype, then move to the cloud when you need scale or shared workflows and integrations with CI/CD or SOC pipelines. maybe a hot take, but i feel like in a few years manually juggling pentest tools might feel irrelevant given that the fast dynamics in the field.
#meyapping
If you take hacking as a profession, experimenting with MCP is one of the cooler things you can do right now. it gives you a structured, protocol-driven way to expose tools (nmap, Burp, gobuster, even your scripts) as providers an LLM can call in sequence. basically it turns a model into an orchestrator that can handle recon workflows end-to-end without you manually chaining pipes. lemme give you this simple scenario: the agent runs nmap on a target. it parses the ports. decides to run gobuster on the exposed web service. maybe passes results to your own recon script. and finally presents you a nice little summary instead of 9000 lines of stdout. because MCP enforces standardized interfaces, you can sandbox providers, log and audit tool calls, and even apply policy/guardrails at the protocol layer, which is huge for both red-teamers (think pivoting across networked MCP providers or poisoning context feeds) and blue-teamers (detecting malicious providers or restricting unsafe tool use). it's even plausible in places where the ecosystem’s still rough and docs are obscure. you can start local with OSS GPTs to prototype, then move to the cloud when you need scale or shared workflows and integrations with CI/CD or SOC pipelines. maybe a hot take, but i feel like in a few years manually juggling pentest tools might feel irrelevant given that the fast dynamics in the field.
#meyapping
⚡5👍3💯3