personalHTTPproxy
Use local http proxy for ad blocking (Required APN configuration to work).
~ Features:
- Open source
- Lightweight (<100 KB)
- Negligible RAM consumption (10 MB approx.)
- Battery friendly
- Hosts blocking
- Support wildcard blocking
- Support for whitelisting & blacklisting
- Only intercept http/https connection
- Can act as real http/https proxy (For bypassing blocked websites with ad blocked)
- No privacy mining (Your data is your data)
~ Bonus feature:
- Can act as network logger also (User can see what app is making request)
>Source:
https://github.com/IngoZenz/personalhttpproxy
>XDA:
https://forum.xda-developers.com/android/apps-games/app-personal-httpproxy-android-block-t3339874
>Web:
https://www.zenz-solutions.de/personalhttpproxy/
>Telegram:
https://t.me/pdnsf
#phttpp #php #http #proxy
Use local http proxy for ad blocking (Required APN configuration to work).
~ Features:
- Open source
- Lightweight (<100 KB)
- Negligible RAM consumption (10 MB approx.)
- Battery friendly
- Hosts blocking
- Support wildcard blocking
- Support for whitelisting & blacklisting
- Only intercept http/https connection
- Can act as real http/https proxy (For bypassing blocked websites with ad blocked)
- No privacy mining (Your data is your data)
~ Bonus feature:
- Can act as network logger also (User can see what app is making request)
>Source:
https://github.com/IngoZenz/personalhttpproxy
>XDA:
https://forum.xda-developers.com/android/apps-games/app-personal-httpproxy-android-block-t3339874
>Web:
https://www.zenz-solutions.de/personalhttpproxy/
>Telegram:
https://t.me/pdnsf
#phttpp #php #http #proxy
Android Captive Portal Check: 204-HTTP response from
Android sends a request for verification to the address
If you block this request to Google via AFWall+ or anywhere else on your network, a small cross will appear in the WLAN icon in the Android menu bar. Depending on the Android version, you will also see a message saying that there is no Internet available. Especially data protection-conscious users don't want to send a "ping" to Google every time they go online. There is now a solution for this for all users with root access on their devices.
English translation (full guide):
https://t.me/BlackBox_Archiv/337
Source and more info (german):
https://www.kuketz-blog.de/android-captive-portal-check-204-http-antwort-von-captiveportal-kuketz-de/
#android #captiveportal #check #HTTP #guide #kuketz
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
captiveportal.kuketz.de
Each time your Android device connects to a WLAN, the system performs a Captive Portal Check. Android wants to ensure that your device has not only received an IP address from the access point, but that it can also actually reach destinations on the Internet.Android sends a request for verification to the address
connectivitycheck.gstatic.com
. If the request is successful or answered with the HTTP response code 204, access to the Internet is available. With this request, the system transmits information to Google about the IP address of the connection, the time of Internet access and which browser is currently being used.If you block this request to Google via AFWall+ or anywhere else on your network, a small cross will appear in the WLAN icon in the Android menu bar. Depending on the Android version, you will also see a message saying that there is no Internet available. Especially data protection-conscious users don't want to send a "ping" to Google every time they go online. There is now a solution for this for all users with root access on their devices.
English translation (full guide):
https://t.me/BlackBox_Archiv/337
Source and more info (german):
https://www.kuketz-blog.de/android-captive-portal-check-204-http-antwort-von-captiveportal-kuketz-de/
#android #captiveportal #check #HTTP #guide #kuketz
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
Forwarded from BlackBox (Security) Archiv
HTTP Status Codes Command This Malware How to Control Hacked Systems
A new version of COMpfun remote access trojan (RAT) has been discovered in the wild that uses HTTP status codes to control compromised systems targeted in a recent campaign against diplomatic entities in Europe.
The cyberespionage malwareβtraced to Turla APT with "medium-to-low level of confidence" based on the history of compromised victimsβspread via an initial dropper that masks itself as a visa application, the Global Research and Analysis Team at Kaspersky discovered.
The Turla APT, a Russian-based threat group, has a long history of carrying out espionage and watering hole attacks spanning various sectors, including governments, embassies, military, education, research, and pharmaceutical companies.
First documented by G-Data in 2014, COMpfun received a significant upgrade last year (called "Reductor") after Kaspersky found that the malware was used to spy on a victim's browser activity by staging man-in-the-middle (MitM) attacks on encrypted web traffic via a tweak in the browser's random numbers generator (PRNG).
ππΌ Read more:
https://thehackernews.com/2020/05/malware-http-codes.html
https://securelist.com/compfun-http-status-based-trojan/96874/
#cyberespionage #malware #http #hacked
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
A new version of COMpfun remote access trojan (RAT) has been discovered in the wild that uses HTTP status codes to control compromised systems targeted in a recent campaign against diplomatic entities in Europe.
The cyberespionage malwareβtraced to Turla APT with "medium-to-low level of confidence" based on the history of compromised victimsβspread via an initial dropper that masks itself as a visa application, the Global Research and Analysis Team at Kaspersky discovered.
The Turla APT, a Russian-based threat group, has a long history of carrying out espionage and watering hole attacks spanning various sectors, including governments, embassies, military, education, research, and pharmaceutical companies.
First documented by G-Data in 2014, COMpfun received a significant upgrade last year (called "Reductor") after Kaspersky found that the malware was used to spy on a victim's browser activity by staging man-in-the-middle (MitM) attacks on encrypted web traffic via a tweak in the browser's random numbers generator (PRNG).
ππΌ Read more:
https://thehackernews.com/2020/05/malware-http-codes.html
https://securelist.com/compfun-http-status-based-trojan/96874/
#cyberespionage #malware #http #hacked
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
Forwarded from BlackBox (Security) Archiv
The HTTP Archive Tracks How the Web is Built.
We periodically crawl the top sites on the web and record detailed information about fetched resources, used web platform APIs and features, and execution traces of each page. We then crunch and analyze this data to identify trends β learn more about our methodology.
π‘ ππΌ View the Reports:
https://httparchive.org/reports
π‘ ππΌ 2019 State of the Web Report:
https://almanac.httparchive.org/en/2019/
π ππΌ https://httparchive.org/
#http #archive #reports #internet #websites
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
We periodically crawl the top sites on the web and record detailed information about fetched resources, used web platform APIs and features, and execution traces of each page. We then crunch and analyze this data to identify trends β learn more about our methodology.
π‘ ππΌ View the Reports:
https://httparchive.org/reports
π‘ ππΌ 2019 State of the Web Report:
https://almanac.httparchive.org/en/2019/
π ππΌ https://httparchive.org/
#http #archive #reports #internet #websites
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
httparchive.org
Reports
List of reports the HTTP Archive Tracks creates to track various aspects of the the web: State of the Web, State of JavaScript, State of Images, Loading Speed, Progressive Web Apps, Accessibility, SEO, Page Weight, Chrome User Experience Report, and Capabilities.