| ▲ | thedougd 2 hours ago | |
I've done this exact approach before. It's a good way to exfiltrate data. Post the software on GitHub pages, or a popular CDN that co-hosts other shared libraries and you've got a very difficult to block method. Really goes to show that it's very difficult to stop a motivated and informed actor. | ||
| ▲ | skinfaxi 2 hours ago | parent | next [-] | |
If you can connect to Github pages couldn't you exfil that way? This takes 2 mins for 100KB. | ||
| ▲ | skeptic_ai 39 minutes ago | parent | prev [-] | |
Npm install qr-made-up-name Can show qr in console. How do you stop that? | ||