asteroza + mitm   73

drk1wi/Modlishka: Modlishka. Reverse Proxy. Phishing NG.
Proving that almost all 2FA can be weak to phishing. Client certs are the last bastion of hope?
phishing  reverse  proxy  gateway  MitM  2FA  security  hacking  pentesting 
january 2019 by asteroza
Fox-IT hit by cyber attack - Fox-IT (ENG)
What a wonderfully transparent after-action review of an incident. Though changing the registrar password regularly doesn't seem like it would buy them much, as they kept their password in a vault and rarely used it (low chance of extraction/exfil), and there's the subtle implication that the registrar got owned. Though as a mitigation for the lack of 2FA at the registrar, maybe worthwhile. But the real need is watching for abnormal events, which requires a registrar change feed or external monitoring, as you need to trigger on registrar change events or general DNS SOA changes.
DFIR  case  study  DNS  registrar  hijack  MitM  reference  information 
december 2017 by asteroza
HTTPS Interception Weakens TLS Security | US-CERT
Middleboxes/UTM suck at telling endpoints about TLS connections, ad nauseam...
HTTPS  interception  interceptor  middlebox  UTM  firewall  security  advisory  CERT  SSL  TLS  MitM  Delicious 
march 2017 by asteroza
Using Tor as a second circuit to check for MitM SSL/TLS attacks. Not entirely out-of-band, but close enough?
SSL  TLS  security  rogue  CA  certificate  inspection  tor  checker  tester  MitM  Delicious 
october 2016 by asteroza
Family Safety update improves web filtering and activity reporting in Windows 8....
So Family Safety features an SSL MitM proxy using a local trusted root CA. Which means Firefox needs to import that cert to be able to use SSL sites.
windows  parental  controls  family  safety  local  SSL  TLS  MitM  intercept  proxy  Delicious 
september 2016 by asteroza
The Tor exit node of | Hints for Tor Users
Apparently even more Tor exit nodes have become actively hostile with XMPP MitM, so these guys built a hidden service endpoint for your XMPP needs...
tor  MitM  XMPP  hidden  service  exit  node  endpoint  security  Delicious 
june 2016 by asteroza | 19538258
Why is this cert not revoked? Bluecoat definitely should not have a global intermediate CA certificate considering they sell to repressive regimes...
bluecoat  intermediate  CA  certificate  SSL  MitM  security  WTF  TLS  search  engine  Delicious 
june 2016 by asteroza
You want to talk about a bump in the wire? THIS IS a bump in the wire. PoE passthru pentest dropbox.
LUNA  inline  security  pentest  pentesting  hardware  electronics  devices  PoE  passthru  dropbox  packet  sniffing  capture  MitM  hacking  Delicious 
december 2014 by asteroza
SpideyApp - Stingray Detector
Try to detect Stingray interception equipment usage by police by taking baselines of cell tower IDs and characteristics. It attempts to discover "new" local towers that aren't normally there.
android  app  software  MitM  detection  local  cell  tower  change  stingray  police  intercept  interception  detector  countersurveillance  antisurveillance  OPSEC  security  research  LAC  scan  differential  diff  Delicious 
june 2014 by asteroza
If you control somebody's DNS, you could redirect them to this to get them to download an attack binary due to weak update methodology (plaintext HTTP downloads with no public key binary signing checking). There was a nice attack article about someone who got worked over via a LinkedIn message based XSS attacking their home router DNS settings, then lying in wait until the poor guy tried to update N++.
evilgrade  ISR-evilgrade  MitM  update  fake  binary  attack  vector  framework  exploit  security  hacking  pentest  tools  utilities  software  DNS  false  Delicious 
april 2014 by asteroza
Chip and PIN is Broken
Yeah, this is old news, but chip and PIN is broken for those who still haven't heard...
EMV  chip  PIN  credit  card  security  hack  hacking  bank  MitM  attack  protocol  error  bug  failure  authentication  Delicious 
march 2014 by asteroza
Hackers break SSL encryption used by millions of sites • The Register
Use a MitM proxy to inject some bad javascript that executes a chosen plaintext on a specific website, to allow recovery of the secure cookie for that site.
beast  SSL  TLS  MitM  attack  javascript  chosen  block  plaintext  secure  cookie  recovery  security  Delicious 
september 2011 by asteroza
WiFi Pineapple - HakShop
Evil little toy. Useful for doing MitM Rick Rolling attacks, or simple image flipping. Macs are particularly vulnerable due to active searching for past known networks.
wifi  battle  pineapple  wireless  MitM  attack  router  JaSager  false  SSID  network  security  hacking  hardware  electronics  devices  Delicious 
september 2011 by asteroza
Add a little picture flipping and this will really mess with people...
newstweek  wallplug  computer  openWRT  wifi  wireles  router  MitM  attack  social  engineering  news  text  modification  disinformation  hardware  electronics  devices  network  security  hacking  humor  ARP  poisoning  Delicious 
may 2011 by asteroza
Chip and PIN is broken, say researchers -
People have been complaining for years that chip-and-PIN was a cop-out by banks to not properly pursue fraud cases, based on the belief that it was uncrackable. Even when there was clear evidence to the contrary based on transaction data alone.
EMV  chip-and-PIN  chip  PIN  europe  banking  credit  debit  card  security  hacking  MitM  attack  research  Delicious 
february 2010 by asteroza
