The main point is to save the SSL/TLS keys those used by the web browser (SSLKEYLOGFILE=/tmp/tmp-google/.ssl-key.log).
In the example below we run brand new instance of Google Chrome (--user-data-dir=/tmp/tmp-google do the trick):
SSLKEYLOGFILE=/tmp/tmp-google/.ssl-key.log /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --user-data-dir=/tmp/tmp-google
Then run the Wireshark and open the Preferences -> Protocols -> SSL, where we put the path to the SSL keys log file into the (Pre)-Master-Secret log filename field.
Now all SSL/TLS traffic from this browser instance will be decrypted.
Roman Schmitz Schm1tz1
🇺🇦
EddiG
/ wireshark.md
Last active
April 11, 2025 19:32
How to decrypt SSL/TLS traffic in Wireshark on MacOS
TarlogicSecurity
/ kerberos_attacks_cheatsheet.md
Created
May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
kekru
/ 01nginx-tls-sni.md
Last active
April 24, 2025 10:07
nginx TLS SNI routing, based on subdomain pattern
Nginx can be configured to route to a backend, based on the server's domain name, which is included in the SSL/TLS handshake (Server Name Indication, SNI).
This works for http upstream servers, but also for other protocols, that can be secured with TLS.
- at least nginx 1.15.9 to use variables in ssl_certificate and ssl_certificate_key.
- check
nginx -Vfor the following:... TLS SNI support enabled
zenxedo
/ Proxmox-RancherOS-Portainer Ultimate Setup.md
Last active
December 6, 2024 02:54
I have tried this setup and although it works and may be good for ceratin circumstances I would advise using ubuntu as the base with docker, docker-compose, and portainer. https://gist.github.com/mow4cash/626275e095f7f90898944a85d66b3be6
Link to my docker run file https://gist.github.com/mow4cash/6a25343cdeb0cd115f263dea0a3b623d
cnlohr
/ esp32_aes_example.c
Created
November 7, 2018 19:50
Example of using hardware AES 256 Crypto in CBC mode on the ESP32 using ESP-IDF
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <string.h> | |
| #include <stdio.h> | |
| #include <hwcrypto/aes.h> | |
| /* | |
| For Encryption time: 1802.40us (9.09 MB/s) at 16kB blocks. | |
| */ | |
| static inline int32_t _getCycleCount(void) { | |
| int32_t ccount; |
utek
/ wildcard-ssl-certificate.md
Created
August 31, 2018 06:25
— forked from talyguryn/wildcard-ssl-certificate.md
How to get a wildcard ssl certificate and set up Nginx.
ajosephau
/ XMLSec2PEM.java
Created
November 2, 2017 02:29
Porting function to contemporary Java libraries from http://www.platanus.cz/blog/converting-rsa-xml-key-to-pem
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import java.io.*; | |
| import java.math.BigInteger; | |
| import java.security.*; | |
| import java.security.spec.*; | |
| import java.security.cert.*; | |
| import java.security.interfaces.*; | |
| import java.util.Base64; | |
| import javax.xml.parsers.DocumentBuilder; | |
| import javax.xml.parsers.DocumentBuilderFactory; |
jleclanche
/ freeotp_backup.md
Last active
March 5, 2025 05:59
A guide to back up and recover 2FA tokens from FreeOTP (Android)
Using adb, create a backup of the app using the following command:
adb backup -f freeotp-backup.ab -apk org.fedorahosted.freeotp
rragundez
/ args_script_template.sh
Created
June 21, 2017 09:11
Template of bash script with mandatory and optional arguments
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -e | |
| usage="$(basename "$0") [-h] [-i PROJECT] [-v VM] [-p PYTHON] [-d NOTEBOOKS] | |
| Make a user provide SSH key and jupyter notebooks (in roles/bootstrap/files/notebooks) to each user listed in var/common.yml | |
| where: | |
| -h show this help text | |
| -i google cloud project id | |
| -v name of instance/virtual machine | |
| -p python path |
