Skip to content

Instantly share code, notes, and snippets.

View mohsenasm's full-sized avatar
🏠
Working from home

Mohammad-Mohsen Aseman-Manzar mohsenasm

🏠
Working from home
27 followers · 10 following
View GitHub Profile
@jobec
jobec / domain_fronting.py
Last active November 22, 2024 13:56
How to do domain fronting in Python with Requests. Send a request to an arbitrary IP address and force the SNI field and Host HTTP header to a certain value.
#
# How to do domain fronting in Python with Requests.
#
# Send a request to an arbitrary IP address and force the
# SNI field and Host HTTP header to a certain value.
#
import http.client
import requests
import urllib3
@slingamn
slingamn / against_scram.md
Created August 13, 2021 01:15
Against SCRAM

Against SCRAM

I added support for the SCRAM-SHA-256 authentication mechanism to the Ergo IRC server, in response to demand for a reference implementation that clients could test against. Conversely, if you're implementing a server, I added an irctest server test covering it.

Nonetheless, this decision should not be taken as an endorsement of SCRAM. I recommend against implementing SCRAM-SHA-256 or any other SCRAM variant. Here's why.

The baseline: SASL PLAIN over TLS