PRINT
PRINT
SEND MAIL
SEND MAIL

Month: February 2015

TUTORIALS

Bypassing HSTS (HTTP Strict Transport Security) with MITMf

Hi Folks, Upon doing a bit of research, I was tempted to see if it was possible to do a HSTS (HTTP Strict Transport Security) bypass. HTTP Strict Transport Security (HSTS) is a web security policy mechanism which is necessary to protect secure HTTPS websites against downgrade attacks, and which greatly simplifies protection against cookie hijacking. It allows web servers to declare that web browsers (or other complying user agents) should only interact with it using secure HTTPS connections and never via the insecure…