New RoadK1ll WebSocket implant used to pivot on breached networks

A newly identified malicious implant named RoadK1ll is enabling threat actors to quietly move from a compromised host to ...
GitHub

README.md

WebSockets change that model fundamentally. A WebSocket connection starts as an HTTP request — the client sends an Upgrade: websocket header — but once the server agrees, the protocol switches. What ...
GitHub

moonlight-web-ws-proxy

Browsers block file:// pages from making requests to external HTTPS servers (CORS). This proxy runs locally and bridges your browser to a remote moonlight-web-stream server, handling auth cookies, ...