Bypassing Web Filters Part 4: Host Header Spoofing & Domain Fronting Detection Bypasses 文章讨论了多种绕过网络过滤器的技术，包括利用HTTP/2和HTTP/3协议、省略SNI（服务器名称指示）以及使用加密客户端Hello（ECH），以绕过基于SNI检查的过滤机制。这些技术通过改变请求格式或加密内容来隐藏真实域名或规避检测。... 2025-3-20 08:2:20 | 阅读: 18 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com sni bypass clienthello client ech

Bypassing Web Filters Part 3: Domain Fronting 文章介绍了域名前端隐藏（Domain Fronting）技术及其工作原理。该技术通过在HTTPS请求中使用不同的SNI（服务器名称指示）和Host头来隐藏真实目标域名，从而绕过网络过滤。文章详细解释了CDN（内容分发网络）在该过程中的作用，并以Fastly CDN为例展示了如何利用合法CDN服务实现域名前端隐藏。此外，文章还讨论了部分CDN对这种技术的检测和防御机制。... 2025-3-18 08:2:26 | 阅读: 25 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com fastly sni fronting spotify compass

Bypassing Web Filters Part 2: Host Header Spoofing 文章介绍了利用Host头欺骗技术绕过网络过滤器的方法。通过修改HTTP请求中的Host头信息，攻击者可以访问被限制的网站或绕过大文件上传等限制。此方法依赖于代理仅检查Host头而忽略其他验证机制（如SNI）。部分防火墙（如FortiGate）已通过域名前端保护功能默认阻止此类攻击。... 2025-3-13 08:2:38 | 阅读: 5 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com sni spoofing legit bypass fronting

Bypassing Web Filters Part 1: SNI Spoofing This is the first part of a series of blog posts about techniques to bypass web filters, lo... 2025-3-11 08:2:54 | 阅读: 9 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com proxy sni client legit handshake

Passkeys Don’t we all know the hassle of managing loads of passwords, trying to come up with sec... 2025-2-25 08:1:22 | 阅读: 23 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com passwords passkeys passkey phishing

Stealthy AD CS Reconnaissance 本文介绍了一种基于本地注册表数据的隐蔽Active Directory Certificate Services (AD CS) 枚举方法。通过分析注册表中的证书模板缓存，攻击者可绕过传统LDAP监控，在低权限环境下收集敏感信息并结合工具进行特权提升。... 2025-2-11 08:2:20 | 阅读: 12 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com certipy ludus 2404182060 3291837554 245906837

BloodHound Community Edition Custom Queries This blog post introduces our new custom queries for BloodHound Community Edition (CE) and... 2025-1-28 13:31:26 | 阅读: 52 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com bloodhound github security compass importing

Hitchhiker’s Guide to Managed Security Over the past few years, we have had the opportunity to conduct several Purple Teaming exer... 2025-1-14 08:2:30 | 阅读: 19 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com purple tl clearly client

A Nifty Initial Access Payload Red Teaming engagements are “realistic” attack simulations designed to test the security po... 2024-12-17 09:2:12 | 阅读: 20 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com b33f burp initializer software loaded

Harvesting GitLab Pipeline Secrets TLDR: Scan GitLab job logs for credentials using https://github.com/CompassSecurity/pipele... 2024-12-3 16:1:39 | 阅读: 17 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com compass gitlab artifact 18t10 pipeleak

A Look Back: Insights from Our Managed Bug Bounty Program IntroductionAt Compass Security, we are proud to offer a fully managed bug bounty progr... 2024-11-21 22:1:25 | 阅读: 15 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com hunters triage chf bounties payout

Email, Email on the Wall, Who Sent You, After All? Franky opens her email in the morning and sees the following email in her inbox:... 2024-10-29 16:1:33 | 阅读: 21 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com aol yahoo spf dkim msa

Voice Cloning with Deep Learning Models Given the explosion of development and interest in deep learning models in the past... 2024-10-18 15:1:30 | 阅读: 7 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com wav duration clips cloning tortoise

COM Cross-Session Activation Once again, reading blogs and tweets from James Forshaw led me to wonder how things work. T... 2024-10-1 15:2:28 | 阅读: 18 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com software activation updater forshaw

Email, Email on the Wall, Who Sent You, After All? During Business Email Comproise (BEC) engagements we often have to analyze the provenance o... 2024-9-24 17:47:11 | 阅读: 22 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com aol yahoo spf dkim dmarc

Three-Headed Potato Dog Earlier this year, several security researchers published research about using DCOM to coer... 2024-9-17 21:32:16 | 阅读: 13 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com potato dcom machine clsid

From Classroom into Bug Bounty: Investigating Motivational Factors Among Swiss Students Bug bounty programs have evolved into a critical element of modern cybersecurity, allowing... 2024-9-6 14:2:10 | 阅读: 33 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com rewards hunters attract

A Patchdiffing Journey – TP-Link Omada IntroductionLast year we participated in the Pwn2Own 2023 Toronto competition and succe... 2024-8-20 15:2:10 | 阅读: 28 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com dhcp6c v61 dhcp6 payload dhcpv6

SAML Raider Release 2.0.0 SAML Raider [0] is a Burp Suite [1] extension and the tool of choice for many pentesters fo... 2024-7-2 15:1:58 | 阅读: 35 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com gradle github burp montoya raider

Introducing Conkeyscan – Confluence Keyword Scanner TL;DR Release of Conkeyscan – A Confluence Keyword/Secret Scanner, which is tailored towar... 2024-6-18 15:2:4 | 阅读: 9 | 收藏 | Over Security - Cybersecurity news aggregator - blog.compass-security.com conkeyscan atlassian cql 696 username