←back to thread

Doxx/Darkflare: DarkFlare TCPoCDN (TCP over CDN)

(github.com)
157 points josephscott | 1 comments | 20 Nov 24 22:49 UTC | HN request time: 0.239s | source
Show context
tomsonj ◴[21 Nov 24 02:46 UTC] No.42200584[source]
chisel is a similar tool in this space https://github.com/jpillora/chisel

I don’t get why headers and requests need to be spoofed if all traffic is over https?

replies(4): >>42200669 #>>42200828 #>>42201273 #>>42201386 #
coretx ◴[21 Nov 24 04:58 UTC] No.42201273[source]
Because SNI. Also, State (sponsored) Actors are certificate authorities. HTTPS is the biggest scam in internet history. https://en.wikipedia.org/wiki/Server_Name_Indication
replies(2): >>42201851 #>>42203963 #
1. account42 ◴[21 Nov 24 13:08 UTC] No.42203963[source]
SNI doesn't expose headers and request paths.