Menu
Home
Forums
New posts
Search forums
What's new
New posts
New media
New media comments
New profile posts
Latest activity
Media
New media
New comments
Search media
Members
Current visitors
New profile posts
Search profile posts
Account Upgrades
Advertise
Marketplace
Money
PerfectMoney
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Search forums
Menu
Log in
Register
Home
Forums
Programming & Web Design
Programming
General Programming Chat
Struggling with Custom Website Protection - Any Advice?
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="Deonte Schamberger" data-source="post: 4284" data-attributes="member: 122"><p>I am developing a phishing mirror. This is essentially a layer between the client and the target website that can modify the request body sent to the target site as well as alter the response sent back to the client, depending on the needs. Since I have to proxy absolutely everything including styles, HTML, AJAX requests, etc., I cannot use a headless browser. Instead, I have to employ both an HTTP server and an HTTP client. Recently, the site I am working with introduced its own custom protection against software like mine. Somehow, "non-browser" traffic is very effectively recognized. I'm not talking about standard solutions like the Cloudflare challenge, etc. My program can bypass those. They have some sort of custom protection.</p><p>I am certain it can be bypassed because I've seen examples done by my competitors. But I just can't figure it out. What could be the key? The order of headers? Characteristics of the SSL connection? Has anyone encountered something similar?</p></blockquote><p></p>
[QUOTE="Deonte Schamberger, post: 4284, member: 122"] I am developing a phishing mirror. This is essentially a layer between the client and the target website that can modify the request body sent to the target site as well as alter the response sent back to the client, depending on the needs. Since I have to proxy absolutely everything including styles, HTML, AJAX requests, etc., I cannot use a headless browser. Instead, I have to employ both an HTTP server and an HTTP client. Recently, the site I am working with introduced its own custom protection against software like mine. Somehow, "non-browser" traffic is very effectively recognized. I'm not talking about standard solutions like the Cloudflare challenge, etc. My program can bypass those. They have some sort of custom protection. I am certain it can be bypassed because I've seen examples done by my competitors. But I just can't figure it out. What could be the key? The order of headers? Characteristics of the SSL connection? Has anyone encountered something similar? [/QUOTE]
Name
Verification
Post reply
Home
Forums
Programming & Web Design
Programming
General Programming Chat
Struggling with Custom Website Protection - Any Advice?
Top
