David is very creative, and sneaky, David is one of the good guys, be like David

Good crowd ❤️, Snoopcon24

Great day at SnoopCon. Honoured to have been accepted to talk about all things #DataBouncing and to showcase some of the behind the scenes work that some are up to. I am Jakoby @N1ckDunn and the guys at tuoni.io

Databouncing will go under the radar of traditional #CTI as we know it, I’d be interested in hearing strategies to try and bring covert comms back into the fold

Ayo #bugbounty hunters, you want to squeeze some money out of those lame host header poisonings ? Check out CWE-441 - then check out #databouncing - all you have to do is argue with triage until you are a millionaire 😁🫡

Seeing lots of databouncing candidates on Chinese infrastructure 🥸

I'll be speaking at Defcon Gloucester this evening on all things Databouncing. Hopefully see some of you later!

While databouncing is pretty unstoppable in most cases it’s always nice if you’re gifted even more: PAN-234015 The X-Forwarded-For (XFF) value is not displayed in traffic logs.

checkcybersecurity.service.ncsc.gov.uk/ip-check/form great for businesses, and databouncing aficionados ?

If you want to databounce via email gist.github.com/yosignals/dce9… This is crude but functional It will use the hostname space as you’d expect, 500 recipients per send

Hmmm Databouncing + Fastflux, hmmmm