Overview
Explore JARM fingerprinting evasion techniques in this Hack In The Box Security Conference talk. Learn about the JARM randomizer proxy for thwarting Command and Control channel detection, understand the challenges of TLS-based fingerprinting, and discover methods to avoid blocklists. Gain insights into scaling tactics, mimicking targeted server configurations, and profiling specially crafted client Hello packets. Delve into the theoretical groundwork for future research and automation in TLS-based fingerprinting evasion, presented by threat researcher Dagmawi Mulugeta.
Syllabus
Intro
Who am I
Agenda
TLS
JARM Fingerprinting
What is JARM
How JARM works
What is JARM fingerprint
Challenges with JARM
Testing
JARM Transport
JARM Randomizer
Placement
Setup
Results
Use Cases
Limitations
Recognition
Conclusion
Taught by
Hack In The Box Security Conference