Skip Navigation

Cybersecurity @sh.itjust.works Super_gamer46861 @lemmy.world 1mo ago

A covert reverse shell using TLS

https://github.com/umutcamliyurt/TLShell

12 comments

Does anyone know how many corporations have the technical ability to inspect TLS 1.3?
- Like, decrypt it? None.
  
  With an enterprise CA this is not a huge trouble, but not exactly easy either.
- Only place I have seen is when an enterprise CA is used to mitm the session.
  
  Firewall vendors use to claim tls1.3 decryption by forcing the sessions down to 1.2
I will test it if it works with Firepower (not blocking it).

12 comments