Deonte Schamberger
I am developing a phishing mirror. This is essentially a layer between the client and the target website that can modify the request body sent to the target site as well as alter the response sent back to the client, depending on the needs. Since I have to proxy absolutely everything including styles, HTML, AJAX requests, etc., I cannot use a headless browser. Instead, I have to employ both an HTTP server and an HTTP client. Recently, the site I am working with introduced its own custom protection against software like mine. Somehow, "non-browser" traffic is very effectively recognized. I'm not talking about standard solutions like the Cloudflare challenge, etc. My program can bypass those. They have some sort of custom protection.
I am certain it can be bypassed because I've seen examples done by my competitors. But I just can't figure it out. What could be the key? The order of headers? Characteristics of the SSL connection? Has anyone encountered something similar?