-
Any apps/games that use the XVC package format and provide `"https://productingestionbin1.blob.core.windows.net"` as `PackageDownloadUris` is unable to be downloaded using the tool, could you add supp…
-
1. using this app, is there any way to configure rules that match by hostname to conditionally add/edit/remove either outbound request or inbound response HTTP headers?
2. if not, are you aware of an…
-
There are 2 cases where Dnssec-Trigger encounters DNSSEC-related problems:
1. Dnssec-Trigger probe detects that DNSSEC is broken, and warns the user.
2. Dnssec-Trigger probe fails to detect that D…
-
PKP is a security mechanism that allows servers to resist impersonation by MITMs using fraudulent certs.
Prior art is HTTP PKP (HPKP):
- https://tools.ietf.org/html/rfc7469
- https://developer.mozill…
-
For easy checking of recipient addresses before sending, a utility for visualizing an address as a unique seashell can be found [here](https://github.com/b-g-goodell/research-lab/tree/master/source-co…
-
This is a request to add a new row (called `Contact Auth UI`) to the spreadsheet that tracks whether or not an app has some UI for users to to verify their contacts' authenticity.
### Why?
The p…
-
I did not find a policy on how to get a domain added or removed from the project's map.yml file. It seems like a nice possibility for MitM attacks.
I propose to require prove of ownership by the no…
tnias updated
2 years ago
-
I'm relatively new to this and would appreciate some advice/pointers regarding this issue I'm currently experiencing.
This has been running without issue for some time, however I've recently not be…
-
Hi omaidf. Great work with this code!
Is this code fully working for the MITM attack? I try to replay it and can't get the client connected to the fake ap. It goes through all the steps, but keeps o…
-
in `example/cpp20_intro_tls.cpp`, it does
```
conn->next_layer().set_verify_mode(asio::ssl::verify_peer);
conn->next_layer().set_verify_callback(verify_certificate);
```
before `async_exec`.
…