Erik presenting PolarProxy at CS3Sthlm, photo credit: CS3Sthlm

Sharing a PCAP with Decrypted HTTPS

Modern malware and botnet C2 protocols use TLS encryption in order to blend in with 'normal' web traffic, sometimes even using legitimate services like Twitter or Instagram. I did a live demo ...
NetworkMiner 2.5

NetworkMiner 2.5 Released

I am happy to announce the release of NetworkMiner 2.5 today! This new version includes new features like JA3 and parsers for the HTTP/2 and DoH protocols. We have also added support ...
Raspberry Pi 4 Model B running PolarProxy

Raspberry PI WiFi Access Point with TLS Inspection

This is a how-to guide for setting up a Raspberry Pi as a WiFi Access Point, which acts as a transparent TLS proxy and saves the decrypted traffic in PCAP files. Image: ...
PolarProxy flow chart

PolarProxy Released

I'm very proud to announce the release of PolarProxy today! PolarProxy is a transparent TLS proxy that decrypts and re-encrypts TLS traffic while also generating a PCAP file containing the decrypted traffic ...
march release.png

HTTP/2 Will be Automatically Enabled by Default on the Akamai Intelligent Edge Platform

HTTP, the foundation for data communication over the web, wasn't designed for delivering the rich content that is common in today's websites. HTTP/2, which represents a major update to the HTTP network ...