DomainBorrowing: Not be confused with DomainFronting - This talk presents a new method to hide C2 traffic via a CDN to circumvent censorship. It details some tricks discovered in some CDN implementations, and how to chain them together to “borrow” a domain and its valid HTTPS certificate

This page summarizes the projects mentioned and recommended in the original post on /r/blueteamsec

Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
  • Covenant

    Covenant is a collaborative .NET C2 framework for red teamers.

    an implementation is here - Covenant Implant Template, which uses Domain Borrowing for C2 communication. https://github.com/Dliv3/DomainBorrowing

  • DomainBorrowing

    Domain Borrowing PoC

    an implementation is here - Covenant Implant Template, which uses Domain Borrowing for C2 communication. https://github.com/Dliv3/DomainBorrowing

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts