openbullet
commented
3 weeks ago Please can you go into more detail?
Open APT-ZERO opened 8 months ago
openbullet
commented
3 weeks ago Please can you go into more detail?
APT-ZERO
commented
3 weeks ago SNI (Server name), and ALPN (Application Layer Protocol Negotiation) are extensions of TLS https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/
If we be able to customize SNI of our HTTPS Request, we will be able to bypass some security protections like rate limit
by ALPN, i mean our Request Fingerprint generally Some websites are using things like ALPN or Cipher Suites to detect bad requests and block them instantly or treat them differently We need to be able to fake HTTP and TLS Fingerprint of popular browsers to be able to connect to this protected websites and remain undetected This projects did it in Golang, but idk if this are possible in C# too or not https://req.cool/docs/tutorial/http-fingerprint/ https://req.cool/docs/tutorial/tls-fingerprint/
APT-ZERO
commented
2 weeks ago If there be a DNS Resolve block, and option to hardcode a IP in HTTP Request block, we could set our custom SNI in Address box along with a IP from our target's domain that DNS block can have multiple ways to resolve Domain to IP/s (UDP / TCP / DoT / DoH / DoQ)
So you making TLS configs ?