This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Content provided by Security Weekly. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Similar to Tradecraft Security Weekly (Audio)
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Daily update on current cyber security threats
…
continue reading
Hungry for Technology Talk? Get All You Can Eat at the Android Buffet
…
continue reading
Agile for Humans™ is a weekly podcast dedicated to the individuals and interactions that make agile work. The goal is to help create safe and collaborative working environments where people are empowered to do their best work.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Monday through Friday, Marketplace demystifies the digital economy in less than 10 minutes. We look past the hype and ask tough questions about an industry that’s constantly changing.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Domain Fronting - Tradecraft Security Weekly #18
Manage episode 186419311 series 1456935
Content provided by Security Weekly. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Domain fronting is a technique used to mask command and control (C2) traffic. It is possible for C2 channels to be proxied through CDN's like Cloudfront to make it appear like normal Internet traffic. It is very difficult to detect and block for defenders as it appears as if clients on a network are connecting to valid CDN domains. But, in reality it is transporting a command and control channel. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) is joined by Ralph May (@ralphte1) to talk about what domain fronting is and how to set it up using Cloudfront and PowerShell Empire.
LINKS: https://blog.cobaltstrike.com/2017/02/06/high-reputation-redirectors-and-domain-fronting/ https://signal.org/blog/doodles-stickers-censorship/ https://www.securityartwork.es/2017/01/24/camouflage-at-encryption-layer-domain-fronting/ https://trac.torproject.org/projects/tor/wiki/doc/meek http://bryceboe.com/2012/03/12/bypassing-gogos-inflight-internet-authentication/
Full Show Notes: https://wiki.securityweekly.com/TS_Episode18
14 episodes
Share
Manage episode 186419311 series 1456935
Content provided by Security Weekly. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Security Weekly or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Domain fronting is a technique used to mask command and control (C2) traffic. It is possible for C2 channels to be proxied through CDN's like Cloudfront to make it appear like normal Internet traffic. It is very difficult to detect and block for defenders as it appears as if clients on a network are connecting to valid CDN domains. But, in reality it is transporting a command and control channel. In this episode of Tradecraft Security Weekly Beau Bullock (@dafthack) is joined by Ralph May (@ralphte1) to talk about what domain fronting is and how to set it up using Cloudfront and PowerShell Empire.
LINKS: https://blog.cobaltstrike.com/2017/02/06/high-reputation-redirectors-and-domain-fronting/ https://signal.org/blog/doodles-stickers-censorship/ https://www.securityartwork.es/2017/01/24/camouflage-at-encryption-layer-domain-fronting/ https://trac.torproject.org/projects/tor/wiki/doc/meek http://bryceboe.com/2012/03/12/bypassing-gogos-inflight-internet-authentication/
Full Show Notes: https://wiki.securityweekly.com/TS_Episode18
14 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to Tradecraft Security Weekly (Audio)
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Daily update on current cyber security threats
…
continue reading
Hungry for Technology Talk? Get All You Can Eat at the Android Buffet
…
continue reading
Agile for Humans™ is a weekly podcast dedicated to the individuals and interactions that make agile work. The goal is to help create safe and collaborative working environments where people are empowered to do their best work.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Monday through Friday, Marketplace demystifies the digital economy in less than 10 minutes. We look past the hype and ask tough questions about an industry that’s constantly changing.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
