I wannabe Red Team Operator

Red Team Operator. A hype-tagged role tag for which one question hits our corporate LinkedIn inbox very often. “Hey there, how can I become a Red Team…

Lire la suite

Bypassing Web Filters Part 4: Host Header Spoofing & Domain Fronting Detection Bypasses

In the previous posts of this series, we looked at different ways to bypass web filters, such as Host header spoofing and domain fronting. As we’ve…

Lire la suite

Bypassing Web Filters Part 3: Domain Fronting

The last two blog posts in this series were about SNI spoofing and Host header spoofing. We also learned that the latter is addressed by some vendors…

Lire la suite

Bypassing Web Filters Part 2: Host Header Spoofing

In the last post about bypassing web filters, I discussed how SNI spoofing works and how this can also be prevented by web filters. This post is about…

Lire la suite

Bypassing Web Filters Part 1: SNI Spoofing

This is the first part of a series of blog posts about techniques to bypass web filters, looking at increasingly advanced techniques with each part.

Lire la suite