As we all know, security is a big thing here in Null Byte. We've talked quite a bit about ways to encrypt traffic and become anonymous on the internet, some of which entail using proxies, VPNs, and SSH tunnels. We've also talked about preference using SSL pages in practice for safe logins. These are all great protocols and tools, but aren't without their flaws and inconveniences.
For example, when you are using public Wi-Fi, it is very inconvenient to open a terminal, connect to your shell, forward your traffic, and reconfigure all of your applications. Web proxies have been a common practice as a simple way to encrypt and anonymize traffic, but this also is not without its flaws. The initial connection to the proxy is still unencrypted and a lot of people don't even realize this, or they ignore its significance.
For this Null Byte, we are going to use a cool tool made by Moxie Marlinspike (my hero) called Firemole. Firemole creates an SSL-encrypted connection to a proxy, thus, all of your traffic becomes safe! Firemole is an add-on for the Mozilla Firefox browser.
- Mozilla Firefox
Step 1 Download & Install Firemole
First, let's start off by installing the plugin. Make sure you know where the file downloaded to.
- Download Firemole from here.
- Open Firefox.
- Navigate to the add-ons menu. This will differ depending on how you have your menu bar configured.
- Click the dropdown menu next to the search bar and select Install add-on from a file.
- Navigate to the firemole.xpi file and install it.
Step 2 Use Firemole to Connect to a Proxy
Here's a vTutorial I made that will show you how to navigate the interface to get Firemole going.
With that done, you are set up with SSL connected proxies! No more need for SSH tunnels on-the-go. For Null Byte updates, follow me on Twitter. Also, feel free to join the IRC for more information and chatter.
Want to start making money as a white hat hacker? Jump-start your hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from cybersecurity professionals.
Other worthwhile deals to check out: