I did a stupid thing and now it's on github. I was curious if I can issue commands from a server via serverHello, execute them on the client and pass the output back via the clientHello. Turns out you can make bytes to anything.
Blog: medium.com/p/24ac04bc6472
If there's interference in an oversimplified case, what if we consider motive? Fake First seems.. sensible :)
While truth occurs, its truthful reporting is unlikely. Stating a non binary fact to be true is frequently accompanied by arbitrary lines drawn in the sand by the storyteller. Whoever tells the tale, leaves a nuance that muddles the truth.
Conference banner with text: I'm speaking at DefCamp 2025. The title of the presentation: TLS Protocol Manipulation: a (very) low throughput C2 channel. Date and location: 13-14 November, Bucharest, Romania
If you have a high enough tolerance to pain, you can make bytes do anything
This was so good!
Taking them to the SHITTER: an analysis of vendor abuse of security research in-the-wild
aff-wg.org/2025/07/13/t...
(There is no benefit modulating my voice for anyone's comfort. This is my fair take, but unapologetic truth. This phenomena has gone unchecked for too long)
I reached the same conclusion after reading his autobiography. Nothing like a man's own words to betray him
+1 for adoption fatigue
So accurate. Ever since I read it, half my windows conversations start with "when I was reading Windows Security Internals". I'm knowingly accepting being annoying, that's how good James' book was
It was amazing! And it wouldn't have happened without Chris Brenton's and Troy Wojewoda's courses on Antisyphon. Top notch content, keep doing you :)
The more I look at his website, the more I wonder where this man and his bottle have been all my life
I was looking for a prism but now that sounds just so plain
The code and slides are both on my github. For any feedback, I'd be grateful.
TLS data exfiltration: smuggling bytes with ClientHello is a very low throughput "technique". Not really a technique, more like a way for me to learn networking protocols.
Blog post here: medium.com/@haarlems/tl...
I failed and kept on failing until I didn't.
What started as frustration at not solving a network forensics challenge on the @antisyphontraining.bsky.social cyber range on @metactf.bsky.social led to my first research.
Yesterday, it was also my first time presenting at BSides Bucharest!
Cover of book Linkers and Loaders by John R. Levine. The image shows a construction crane lifting several steel beams against an orange and purple sky. I assume it is a nod to the theme of building software components
How many linker errors while patching openssl does it take before you seek salvation in a 1999 book?
I need this on a tshirt
I once heard a network engineer comment that the speed of light is too slow, and that has haunted me ever since.
RUMOURS are TRUE π€·ββοΈ
PHRACK will be releasing a SPECIAL #71.5 πHARDCOVERπ at www.offensivecon.org BERLIN ("The π
-Day Edition").
Main #72 release THIS SUMMER at MULTIPLE conferences (main release at WHY2025). β€οΈ
Is it malware or is it enhanced endpoint telemetry
@tiraniddo.dev did us all a solid with this one, I totally agree
This looks like something @jags.bsky.social could do an easy 6 minute rant on
Haha some bits hit too close to home
This is your reminder to stick it to the bank man.
Tried to make a donation to the @archive.org. The bank canceled the transaction and blocked my card for suspicious activity. I donated another way. And tripled it out of spite.
Which project are u fighting the big banks to support today?
A tool that neutralizes traffic noise but keeps the sound of birds chirping
Haha, I love the "like some black market charlatan" bit. So accurate
But most importantly, I love it when he addresses researchers.
In between this and @gentilkiwi.bsky.social's BlueHatIL call to inspire hackers to create their own tools.. it's a good day for research!
Also touching on the culture shift that "values the ability to fully subvert security and not the ability to inform securityβ. I believe the work of offensive teams serving the blue team cannot be emphasized enough.
My favorite bit is when he says it's not about βhackery malware things" :)
