Contents 1. What is HTTP Strict Transport Security (HSTS) and what you need to know if you are going to enable HSTS 2. How web browsers know that a site uses HSTS 3. The meaning of HTTP Strict Transport Security (HSTS) header directives 4. Strict Transport Security Preload (HSTS Preload)Read More
Interacting with DOM in Puppeteer: how to get HTML code and extract various tags (text, images, links)
Contents 1. How to use Puppeteer: installation and quick start 2. Interacting with DOM in Puppeteer: how to get HTML code and extract various tags (text, images, links) 2.1 How to get HTML of a web page in Puppeteer 2.2 How to get HTML from a web page and saveRead More
How to use Puppeteer: installation and quick start
Contents 1. How to use Puppeteer: installation and quick start 1.1 What is Puppeteer and what is it used for 1.2 How to Install Puppeteer 1.2.1 How to install Puppeteer on Debian, Ubuntu, Linux Mint, Kali Linux and derivatives 1.2.2 How to install Puppeteer on Arch Linux Manjaro, BlackArch andRead More
TLS fingerprinting of servers: hash types, utilities for displaying TLS fingerprints of servers
Contents 1. TLS fingerprinting: methods for identifying client and server software 2. TLS fingerprinting of clients: hash types, utilities for displaying TLS fingerprints of clients 3. TLS fingerprinting of servers: hash types, utilities for displaying TLS fingerprints of servers 3.1 TLS Server fingerprints are unstable and depend on the clientRead More
TLS fingerprinting of clients: hash types, utilities for displaying TLS fingerprints of clients
Contents 1. TLS fingerprinting: methods for identifying client and server software 2. TLS fingerprinting of clients: hash types, utilities for displaying TLS fingerprints of clients 2.1 Client TLS fingerprinting hash types 2.2 Tools for TLS fingerprinting of clients 2.2.1 Wireshark 2.2.2 TShark 2.2.3 JA4+ 2.2.4 JA3-JA4-scanner 2.2.5 Online service forRead More
TLS fingerprinting: methods for identifying client and server software
Contents 1. TLS fingerprinting: methods for identifying client and server software 1.1 What is TLS fingerprinting and what is it used for 1.2 What else is interesting about TLS fingerprinting? 1.3 How TLS fingerprinting works 1.4 How TLS fingerprinting hashes are calculated 1.5 Distinguish between TLS fingerprinting of clients andRead More
Wireshark Filters
Table of contents 1. Wireshark Filters For Beginners 2. Wireshark Filter Operators 3. Logical Wireshark Filter Operators 4. Interface Filters 5. Link layer traffic 6. Internet layer traffic 7. Transport layer traffic 8. Application layer traffic 9. Filters for Wi-Fi frames 10. Wireshark filters for software type identification (TLS fingerprinting) WiresharkRead More
How to set up HTTPS for a web server in Kali Linux
Contents 1. Web server with HTTPS in Kali Linux 2. How to set up an HTTPS test environment in Kali Linux 2.1 How to enable the SSL module for Apache 2.2 Setting up hostname to IP address resolution 2.3 Creating a Certificate Authority (CA) 2.4 Creating a self-signed (self-issued) websiteRead More
How to add Subject Alternative Name (subjectAltName) to a self-signed certificate
Contents Web browsers use the host name from Subject Alternative Name (subjectAltName) How to create a self-signed certificate with Subject Alternative Name (subjectAltName) Subject Alternative Name (subjectAltName) Syntax. How to create valid certificates for IP and IPv6 How to view the Subject Alternative Name (subjectAltName) in the certificate Checking theRead More
Web Server on Windows 11 (Apache, MySQL, PHP and phpMyAdmin): step-by-step installation guide
The instructions have been checked and corrected to work with the latest components (Apache 2.4.62, PHP 8.3.11, MySQL 9.0.1, and phpMyAdmin 6.0). Table of contents 1. What is a web server for Windows 2. Download web server (Apache, MySQL, PHP and phpMyAdmin) for Windows 11 3. Create the structure ofRead More