Red Team

Adversary simulation, or better known as Red teaming is often referred to by many in the infosecurity community. The mission of a red team is to perform operations that will lead to the completion of a target objective. The objectives should not be technical and have business impacts or could benefit a simulated threat actor.

Domain Fronting: Who Am I?

TLDR; Set whatever Host header you want in your Domain Fronting packet when you use CloudFront Note: It’s 1:31 am, I do my independent research to contribute to the community in my evenings. So give me a break if it all sounds like I’m talking to myself. »

Validated CloudFront SSL Domains

You may have heard of Domain Fronting, and some of the work that I’ve previously done. https://vincentyiu.co.uk/domain-fronting-via-cloudfront-alternate-domains/ Then https://www.peew.pw/blog/2018/2/22/how-i-identified-93k-domain-frontable-cloudfront-domains came along and showed us how to find 93k frontable CloudFront domains. I mentioned to him that not »