Images extracted from decrypted HTTP/2 traffic shown in NetworkMiner

PolarProxy in Windows Sandbox

In this video I demonstrate how PolarProxy can be run in a Windows Sandbox to intercept and decrypt outgoing TLS communication. This setup can be used to inspect otherwise encrypted traffic from ...
PolarProxy 0.9

PolarProxy 0.9 Released

PolarProxy was previously designed to only run as a transparent TLS proxy. But due to popular demand we've now extended PolarProxy to also include a SOCKS proxy and a HTTP CONNECT proxy ...
PcapTor

TorPCAP – Tor Network Forensics

Unencrypted network traffic, destined for the Tor network, is sent between localhost TCP sockets on computers running Tor clients, such as the Tor Browser. In this blog post I show how anonymous ...