Parsia's Den

Because no one wants to be the other guy from Wham!

Jul 28, 2016 - 14 minute read - Comments - Thick Client Proxying Proxy

Thick Client Proxying - Part 6: How HTTP(s) Proxies Work

In order to create our own custom proxies, first we need to know how proxies work. When I wanted to write a custom proxy tool (it’s a simple Python script) in Hipchat part3, I had to go back and learn how they work. I did not find such a resource online that looked at proxies from an infosec perspective. Most talked about how to configure caching or forwarding proxies and not much about MitM ones. I have briefly talked about it in the section 2 of the same post named How does a Proxy Work?. In this post I am going to take a deep(er) dive. I actually read some RFCs and they were surprisingly well written.

If you want to skip the intro, go to section 3.

Jun 7, 2016 - 3 minute read - Comments - Thick Client Proxying Portproxy

Windows Netsh Interface Portproxy

I thought I had found the Windows iptables with Portproxy but I was wrong. But I learned something neat in the process and I am documenting it to access it when I need it.

Portproxy allows you to listen on a certain port on one of your network interfaces (or all interfaces) and redirect all traffic to that interface (on your computer) to another port/IP address.

The to that interface is the limitation that unfortunately kills it. This will be a short post.

Jun 1, 2016 - 1 minute read - Comments - Go Not Security

Learning Go

I have decided to learn Go (or Golang). I went through the Tour of Go and made some notes. Some of the items/code are directly copy pasted from there. The notes are just a cheatsheet to help me look things up quickly while learning. I will update that page as I learn more.

You can see the notes at