http2
Start Menu Search Video
Erik Hjelmvik | | Bing, bing.com, Cortana, HTTP/2, http2, Microsoft, NetworkMiner, pcap, PCAP-over-IP, pcapoverip, PolarProxy, Privacy, Start Menu, video, videotutorial, www.bing.com
In this video I demonstrate that text typed into the Windows 10 start menu gets sent to Microsoft and how that traffic can be intercepted, decrypted and parsed. The video cannot be ...
Capturing Decrypted TLS Traffic with Arkime
Erik Hjelmvik | | Arkime, decrypt, HTTP/2, http2, HTTPS, Moloch, pcap, PCAP-over-IP, pcapoverip, PolarProxy, real time, systemctl, systemd, TLS, UFW
The latest version of Arkime (The Sniffer Formerly Known As Moloch) can now be fed with a real-time stream of decrypted HTTPS traffic from PolarProxy. All that is needed to enable this ...
Discovered Artifacts in Decrypted HTTPS
Erik Hjelmvik | | adnxs.com, CS3, CS3Sthlm, decrypt, forensics, HTTP/2, http2, incoming.telemetry.mozilla.org, majestic, Majestik møøse, NetworkMiner, pcap, PolarProxy, reddit, telemetry, TLS, TLSI, Wireshark, x-moose, X-Proxy-Origin
We released a PCAP file earlier this year, which was recorded as part of a live TLS decryption demo at the CS3Sthlm conference. The demo setup used PolarProxy running on a Raspberry ...
Sharing a PCAP with Decrypted HTTPS
Erik Hjelmvik | | CS3, CS3Sthlm, decrypt, DoH, forensics, google, HTTP/2, http2, HTTPS, NetworkMiner, Pastebin, pcap, PolarProxy, TLS, TLS Inspection, TLS Interception, TLSI, Twitter, video, Wireshark
Modern malware and botnet C2 protocols use TLS encryption in order to blend in with 'normal' web traffic, sometimes even using legitimate services like Twitter or Instagram. I did a live demo ...
NetworkMiner 2.5 Released
Erik Hjelmvik | | CIFS, DoH, hashcat, HTTP/2, http2, HTTPS, JA3, John, KERBEROS, MS-BRWS, NBNS, NetBIOS, NetworkMiner, NetworkMinerCLI, OSINT, pcap
I am happy to announce the release of NetworkMiner 2.5 today! This new version includes new features like JA3 and parsers for the HTTP/2 and DoH protocols. We have also added support ...
Raspberry PI WiFi Access Point with TLS Inspection
Erik Hjelmvik | | how to, HowTo, HTTP/2, http2, HTTPS, linux-arm, pcap, PolarProxy, Raspberry Pi, ssl, TLS, wifi, Wireshark
This is a how-to guide for setting up a Raspberry Pi as a WiFi Access Point, which acts as a transparent TLS proxy and saves the decrypted traffic in PCAP files. Image: ...
PolarProxy Released
Erik Hjelmvik | | DNS over HTTPS, DNS-over-TLS, DoH, DoT, HTTP/2, http2, ids, IMAPS, NIDS, pcap, PolarProxy, POP3S, SMTPS, ssl, SSLKEYLOGFILE, tcpreplay, TLS, Wireshark
I'm very proud to announce the release of PolarProxy today! PolarProxy is a transparent TLS proxy that decrypts and re-encrypts TLS traffic while also generating a PCAP file containing the decrypted traffic ...
HTTP/2 Will be Automatically Enabled by Default on the Akamai Intelligent Edge Platform
HTTP, the foundation for data communication over the web, wasn't designed for delivering the rich content that is common in today's websites. HTTP/2, which represents a major update to the HTTP network ...