29 July - Noseyparker

I added PII detection logic to my TLS proxy connection handler - so far I'm parsing HTTPS request query strings and headers for PII. I compared a small number of alerts against PII I found in clear-text (unencrypted) traffic logs for the same apps (traffic logs were collected using the mitmproxy tool). The alerts raised look correct and I'm more confident the handler is working properly.

Now that I'm inspecting HTTPS traffic I noticed there is a conflict with the HTTP traffic handler. It doesn't look too difficult to fix but will require some thought to get the design right.

I started a new subject this week, and need will need to do some admin and get started on the research project over the next 2 days - I still plan to do work on the SoC project just less than usual.