Émilio Gonzalez
Émilio Gonzalez
Right now, only the proxy parsing gets cached:  There should be a mechanism to not have to evaluate JS (costly) multiple time for the same domain name. I've been...
Here are some ideas to test some parts that are not tested yet in the current CI or generally improve the CI/CD pipeline: - [x] Test the launch of pyrdp-mitm.py...
While working on a CTF challenge, I wanted to test some things with the dynamic channels (if you come across this PR in the context of said CTF, this PR...
The defer() function "swallows" errors of the coroutine called in it, so the error is never displayed to the user. I'm working on something else and I don't know how...
Following discussion in #233 with @obilodeau, here are my changes to allow the CLIENT (I didnt do the server part) to send other data blocks in the negociation phase. The...
Right now, when receiving the clientData PDU (MCS connect initial, https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpbcgr/db6713ee-1c0e-4064-a3b3-0fac30b4037b), PyRDP only parses the 3 required data blocks (clientCoreData, clientSecurityData, clientNetworkData) and one optionnal data block (clientClusterData). However, more...
**Log client's monitor extended data** This contains many information about the client's monitors, such as the physical size, orientation and scaling, which can be used to identify users. Reference: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpbcgr/dfaf8842-c20c-4626-bd3b-8b7d0463bc0f
After a discussion with a guy at derbycon, we realized that we didnt log the keyboard input nor notify the attacker when the client interacts with the connection. Something should...
Hi! Just stumbled upon your project, looks really cool. I'm currently building a detection-as-code pipeline for QRadar SIEM, but using pySigma, since sigmac is deprecated. Is there any plan to...
When adding screenshots as evidence files, it's very cumbersome to have to save the image to disk, then navigate to find it, then upload it. A nice solution to this...