SlideShare a Scribd company logo

DEF CON 23 - Ryan Mitchell - separating bots from humans

Felipe Prado
Felipe Prado

DEF CON 23 - Ryan Mitchell - separating bots from humans

Technology
1 of 27
Download to read offline
Separating Bots from Humans Ryan Mitchell @kludgist DEF CON 23 August 8th, 2015
Who am I? ● Software Engineer ● Author of two books: ○ Web Scraping with Python (O’Reilly, 2015) ○ Instant Web Scraping with Java (Packt, 2013) ● Engineering grad from Olin College ● Masters student at Harvard University School of Extension Studies, 2016
A history of this talk
The O’Reilly Hacking Book:
Separating Bots from Humans
Pro-tips to get what you want: ● Include some market research ● Write it in Python, because it’s really popular
What are Web Scrapers, Bots, etc? ● They can use browsers ● They can take their sweet time ● They can be surprisingly smart ● They can be stunningly idiotic
Why They’re Important source: https://www.incapsula.com/blog/bot-traffic-report-2014.html
On the Defense Side of Things (For better or worse)
robots.txt? ● “No Trespassing, please?”
Terms of Service ● “Hey! You said you wouldn’t trespass!”
Headers ● “I’m totally not a bot. Promise”
JavaScript ● Make your site un-indexable for anyone but the bad guys
Embedding Text in Images ● Oh come on. ● You’re the type of person who writes email addresses like “m e (at sign) domain . com” ○ And you have duct tape on your laptop’s web cam, mostly because you never use it.
CAPTCHAs Annoying Breakable
Honepots ● Can be effective, if implemented correctly ● Please don’t block the Google bots
Example time! http://ryanemitchell.com/honeypots.html
Behavioral Patterns ● Now we’re getting somewhere! ● Again, please don’t block the Google bots
IP Address Blocking ● It’s sort of effective… If they didn’t really care in the first place ● Lists are a pain to maintain ● You can easily block the good guys
On the Attack Side of Things...
Targeted vs. Non-Targeted Attacks ● Non-targeted: Also known as, “look for /phpMyAdmin” ● Targeted, usually to get proprietary data
OCR ● Works best on relatively normal text ● Can be used to solve CAPTCHAs ○ Time consuming to create training data. Have a series or two of a TV show ready
OCR Training Tool ● Everything you need to solve a CAPTCHA! https://github.com/REMitchell/tesseract-trainer
JavaScript Execution ● Selenium ● PhantomJS
Honeypot Avoidance ● Better than you might expect -- it’s biggest weakness is color https://github.com/REMitchell/python- scraping/blob/master/chapter12/3- honeypotDetection.py
Stop Caring! ● Bot-proofing sites is way too much work, and often impedes accessibility ● Is your data really that valuable? ○ Consider API costs, ease of use -- make it more attractive to pay for data ● If your application is vulnerable to automated attacks, it’s vulnerable, period.
Question time!

Recommended

What do i do
What do i do What do i do
What do i do Jebin BV
 
My Bug Hunting With Open Source
My Bug Hunting With Open SourceMy Bug Hunting With Open Source
My Bug Hunting With Open SourceMadhu Akula
 
Rails Girls Resources
Rails Girls ResourcesRails Girls Resources
Rails Girls Resourcesberlintam
 
Fun & profit with bug bounties
Fun & profit with bug bountiesFun & profit with bug bounties
Fun & profit with bug bountiesn|u - The Open Security Community
 
Common mistakes by beginners in Programming
Common mistakes by beginners in ProgrammingCommon mistakes by beginners in Programming
Common mistakes by beginners in ProgrammingDejan Toteff
 
A/B Testing That Matters
A/B Testing That MattersA/B Testing That Matters
A/B Testing That MattersBlake Commagere
 
Coding standard let’s do it
Coding standard let’s do itCoding standard let’s do it
Coding standard let’s do itMinh Quang Trần
 
Automação de testes funcionais com Python e Mechanize
Automação de testes funcionais com Python e MechanizeAutomação de testes funcionais com Python e Mechanize
Automação de testes funcionais com Python e MechanizeRobson Agapito Correa
 

Recommended

What do i do
What do i do What do i do
What do i do Jebin BV
 
My Bug Hunting With Open Source
My Bug Hunting With Open SourceMy Bug Hunting With Open Source
My Bug Hunting With Open SourceMadhu Akula
 
Rails Girls Resources
Rails Girls ResourcesRails Girls Resources
Rails Girls Resourcesberlintam
 
Fun & profit with bug bounties
Fun & profit with bug bountiesFun & profit with bug bounties
Fun & profit with bug bountiesn|u - The Open Security Community
 
Common mistakes by beginners in Programming
Common mistakes by beginners in ProgrammingCommon mistakes by beginners in Programming
Common mistakes by beginners in ProgrammingDejan Toteff
 
A/B Testing That Matters
A/B Testing That MattersA/B Testing That Matters
A/B Testing That MattersBlake Commagere
 
Coding standard let’s do it
Coding standard let’s do itCoding standard let’s do it
Coding standard let’s do itMinh Quang Trần
 
Automação de testes funcionais com Python e Mechanize
Automação de testes funcionais com Python e MechanizeAutomação de testes funcionais com Python e Mechanize
Automação de testes funcionais com Python e MechanizeRobson Agapito Correa
 
Sadinenis
SadinenisSadinenis
Sadinenistejaweb
 
Developing Better Software
Developing Better SoftwareDeveloping Better Software
Developing Better SoftwareHean Hong Leong
 
TDD with BabyMock 2
TDD with BabyMock 2TDD with BabyMock 2
TDD with BabyMock 2Attila Magyar
 
A quick guide to some prominent Ruby on Rails learning materials
A quick guide to some prominent Ruby on Rails learning materialsA quick guide to some prominent Ruby on Rails learning materials
A quick guide to some prominent Ruby on Rails learning materialsThomas Elam
 
Functional Programming with Groovy
Functional Programming with GroovyFunctional Programming with Groovy
Functional Programming with GroovyMario García
 
Unlocking your team's potential with pair programming (workshop)
Unlocking your team's potential with pair programming (workshop)Unlocking your team's potential with pair programming (workshop)
Unlocking your team's potential with pair programming (workshop)Mattia Battiston
 
Gpars Workshop 2014
Gpars Workshop 2014Gpars Workshop 2014
Gpars Workshop 2014Mario García
 
Python for Beginners - How to Learn Python Easily
Python for Beginners - How to Learn Python EasilyPython for Beginners - How to Learn Python Easily
Python for Beginners - How to Learn Python EasilyCorey McCreary
 
Spitfire: Template Lightning Talk
Spitfire: Template Lightning TalkSpitfire: Template Lightning Talk
Spitfire: Template Lightning Talkguest50cae8
 
MyKavita Launch
MyKavita LaunchMyKavita Launch
MyKavita LaunchSheth Raxit
 
Analyzing natural language feedback using python
Analyzing natural language feedback using pythonAnalyzing natural language feedback using python
Analyzing natural language feedback using pythonroskakori
 
Exceptions: Why, When, How and Where!
Exceptions: Why, When, How and Where!Exceptions: Why, When, How and Where!
Exceptions: Why, When, How and Where!Hernan Wilkinson
 
WordCamp Milwaukee 2012 - Aaron Saray - Secure Wordpress Coding
WordCamp Milwaukee 2012 - Aaron Saray - Secure Wordpress CodingWordCamp Milwaukee 2012 - Aaron Saray - Secure Wordpress Coding
WordCamp Milwaukee 2012 - Aaron Saray - Secure Wordpress CodingAaron Saray
 
Assisting bots in crawling the web better
Assisting bots in crawling the web betterAssisting bots in crawling the web better
Assisting bots in crawling the web betterKahWee Teng
 
Go/Ruby/Java: What's next?
Go/Ruby/Java: What's next?Go/Ruby/Java: What's next?
Go/Ruby/Java: What's next?Hernan Wilkinson
 
Black Ops Testing Workshop from Agile Testing Days 2014
Black Ops Testing Workshop from Agile Testing Days 2014Black Ops Testing Workshop from Agile Testing Days 2014
Black Ops Testing Workshop from Agile Testing Days 2014Alan Richardson
 
Python in Industry
Python in IndustryPython in Industry
Python in IndustryDharmit Shah
 
Introduce Python
Introduce PythonIntroduce Python
Introduce PythonM Asep Indrayana
 
Dev presentation
Dev presentationDev presentation
Dev presentationDavid Ford
 
Common SEO Mistakes During Site Relaunches, Redesigns, Migrations (2018)
Common SEO Mistakes During Site Relaunches, Redesigns, Migrations (2018) Common SEO Mistakes During Site Relaunches, Redesigns, Migrations (2018)
Common SEO Mistakes During Site Relaunches, Redesigns, Migrations (2018) Melanie Phung
 
Informal talk at pict
Informal talk at pictInformal talk at pict
Informal talk at pictMayank Jain
 
TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)Mikal Villa
 

More Related Content

What's hot

Sadinenis
SadinenisSadinenis
Sadinenistejaweb
 
Developing Better Software
Developing Better SoftwareDeveloping Better Software
Developing Better SoftwareHean Hong Leong
 
A quick guide to some prominent Ruby on Rails learning materials
A quick guide to some prominent Ruby on Rails learning materialsA quick guide to some prominent Ruby on Rails learning materials
A quick guide to some prominent Ruby on Rails learning materialsThomas Elam
 
Functional Programming with Groovy
Functional Programming with GroovyFunctional Programming with Groovy
Functional Programming with GroovyMario García
 
Unlocking your team's potential with pair programming (workshop)
Unlocking your team's potential with pair programming (workshop)Unlocking your team's potential with pair programming (workshop)
Unlocking your team's potential with pair programming (workshop)Mattia Battiston
 
Python for Beginners - How to Learn Python Easily
Python for Beginners - How to Learn Python EasilyPython for Beginners - How to Learn Python Easily
Python for Beginners - How to Learn Python EasilyCorey McCreary
 
Spitfire: Template Lightning Talk
Spitfire: Template Lightning TalkSpitfire: Template Lightning Talk
Spitfire: Template Lightning Talkguest50cae8
 
Analyzing natural language feedback using python
Analyzing natural language feedback using pythonAnalyzing natural language feedback using python
Analyzing natural language feedback using pythonroskakori
 
Exceptions: Why, When, How and Where!
Exceptions: Why, When, How and Where!Exceptions: Why, When, How and Where!
Exceptions: Why, When, How and Where!Hernan Wilkinson
 
WordCamp Milwaukee 2012 - Aaron Saray - Secure Wordpress Coding
WordCamp Milwaukee 2012 - Aaron Saray - Secure Wordpress CodingWordCamp Milwaukee 2012 - Aaron Saray - Secure Wordpress Coding
WordCamp Milwaukee 2012 - Aaron Saray - Secure Wordpress CodingAaron Saray
 
Assisting bots in crawling the web better
Assisting bots in crawling the web betterAssisting bots in crawling the web better
Assisting bots in crawling the web betterKahWee Teng
 
Go/Ruby/Java: What's next?
Go/Ruby/Java: What's next?Go/Ruby/Java: What's next?
Go/Ruby/Java: What's next?Hernan Wilkinson
 

What's hot (15)

Sadinenis
SadinenisSadinenis
Sadinenis
 
Developing Better Software
Developing Better SoftwareDeveloping Better Software
Developing Better Software
 
TDD with BabyMock 2
TDD with BabyMock 2TDD with BabyMock 2
TDD with BabyMock 2
 
A quick guide to some prominent Ruby on Rails learning materials
A quick guide to some prominent Ruby on Rails learning materialsA quick guide to some prominent Ruby on Rails learning materials
A quick guide to some prominent Ruby on Rails learning materials
 
Functional Programming with Groovy
Functional Programming with GroovyFunctional Programming with Groovy
Functional Programming with Groovy
 
Unlocking your team's potential with pair programming (workshop)
Unlocking your team's potential with pair programming (workshop)Unlocking your team's potential with pair programming (workshop)
Unlocking your team's potential with pair programming (workshop)
 
Gpars Workshop 2014
Gpars Workshop 2014Gpars Workshop 2014
Gpars Workshop 2014
 
Python for Beginners - How to Learn Python Easily
Python for Beginners - How to Learn Python EasilyPython for Beginners - How to Learn Python Easily
Python for Beginners - How to Learn Python Easily
 
Spitfire: Template Lightning Talk
Spitfire: Template Lightning TalkSpitfire: Template Lightning Talk
Spitfire: Template Lightning Talk
 
MyKavita Launch
MyKavita LaunchMyKavita Launch
MyKavita Launch
 
Analyzing natural language feedback using python
Analyzing natural language feedback using pythonAnalyzing natural language feedback using python
Analyzing natural language feedback using python
 
Exceptions: Why, When, How and Where!
Exceptions: Why, When, How and Where!Exceptions: Why, When, How and Where!
Exceptions: Why, When, How and Where!
 
WordCamp Milwaukee 2012 - Aaron Saray - Secure Wordpress Coding
WordCamp Milwaukee 2012 - Aaron Saray - Secure Wordpress CodingWordCamp Milwaukee 2012 - Aaron Saray - Secure Wordpress Coding
WordCamp Milwaukee 2012 - Aaron Saray - Secure Wordpress Coding
 
Assisting bots in crawling the web better
Assisting bots in crawling the web betterAssisting bots in crawling the web better
Assisting bots in crawling the web better
 
Go/Ruby/Java: What's next?
Go/Ruby/Java: What's next?Go/Ruby/Java: What's next?
Go/Ruby/Java: What's next?
 

Similar to DEF CON 23 - Ryan Mitchell - separating bots from humans

Black Ops Testing Workshop from Agile Testing Days 2014
Black Ops Testing Workshop from Agile Testing Days 2014Black Ops Testing Workshop from Agile Testing Days 2014
Black Ops Testing Workshop from Agile Testing Days 2014Alan Richardson
 
Python in Industry
Python in IndustryPython in Industry
Python in IndustryDharmit Shah
 
Dev presentation
Dev presentationDev presentation
Dev presentationDavid Ford
 
Common SEO Mistakes During Site Relaunches, Redesigns, Migrations (2018)
Common SEO Mistakes During Site Relaunches, Redesigns, Migrations (2018) Common SEO Mistakes During Site Relaunches, Redesigns, Migrations (2018)
Common SEO Mistakes During Site Relaunches, Redesigns, Migrations (2018) Melanie Phung
 
Informal talk at pict
Informal talk at pictInformal talk at pict
Informal talk at pictMayank Jain
 
TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)Mikal Villa
 
Limits of Machine Learning
Limits of Machine LearningLimits of Machine Learning
Limits of Machine LearningAlexey Grigorev
 
Adversarial Simulation Nickerson/Gates Wild West Hacking Fest Oct 2017
Adversarial Simulation Nickerson/Gates Wild West Hacking Fest Oct 2017Adversarial Simulation Nickerson/Gates Wild West Hacking Fest Oct 2017
Adversarial Simulation Nickerson/Gates Wild West Hacking Fest Oct 2017Chris Gates
 
Pentester++
Pentester++Pentester++
Pentester++CTruncer
 
How we use Bottle and Elasticsearch
How we use Bottle and ElasticsearchHow we use Bottle and Elasticsearch
How we use Bottle and Elasticsearchswee meng ng
 
PARC Forum 2009: Adventures in SearchLand
PARC Forum 2009: Adventures in SearchLandPARC Forum 2009: Adventures in SearchLand
PARC Forum 2009: Adventures in SearchLandValeria de Paiva
 
Validating big data jobs - Spark AI Summit EU
Validating big data jobs - Spark AI Summit EUValidating big data jobs - Spark AI Summit EU
Validating big data jobs - Spark AI Summit EUHolden Karau
 
Introduction to Web Design for Literary Theorists I: Introduction to HTML (v....
Introduction to Web Design for Literary Theorists I: Introduction to HTML (v....Introduction to Web Design for Literary Theorists I: Introduction to HTML (v....
Introduction to Web Design for Literary Theorists I: Introduction to HTML (v....Patrick Mooney
 
CONFidence 2018: XSS is dead. We just don't get it (Mario Heiderich)
CONFidence 2018: XSS is dead. We just don't get it (Mario Heiderich)CONFidence 2018: XSS is dead. We just don't get it (Mario Heiderich)
CONFidence 2018: XSS is dead. We just don't get it (Mario Heiderich)PROIDEA
 
DevOps, Performance Optimization and the Green Life with Magento
DevOps, Performance Optimization and the Green Life with MagentoDevOps, Performance Optimization and the Green Life with Magento
DevOps, Performance Optimization and the Green Life with MagentoLuis Tineo
 
brighton final.pptx
brighton final.pptxbrighton final.pptx
brighton final.pptxssuser152aeb
 

Similar to DEF CON 23 - Ryan Mitchell - separating bots from humans (20)

Black Ops Testing Workshop from Agile Testing Days 2014
Black Ops Testing Workshop from Agile Testing Days 2014Black Ops Testing Workshop from Agile Testing Days 2014
Black Ops Testing Workshop from Agile Testing Days 2014
 
Python in Industry
Python in IndustryPython in Industry
Python in Industry
 
Introduce Python
Introduce PythonIntroduce Python
Introduce Python
 
Dev presentation
Dev presentationDev presentation
Dev presentation
 
Common SEO Mistakes During Site Relaunches, Redesigns, Migrations (2018)
Common SEO Mistakes During Site Relaunches, Redesigns, Migrations (2018) Common SEO Mistakes During Site Relaunches, Redesigns, Migrations (2018)
Common SEO Mistakes During Site Relaunches, Redesigns, Migrations (2018)
 
Informal talk at pict
Informal talk at pictInformal talk at pict
Informal talk at pict
 
TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)
 
Content In The Age of AI
Content In The Age of AIContent In The Age of AI
Content In The Age of AI
 
Limits of Machine Learning
Limits of Machine LearningLimits of Machine Learning
Limits of Machine Learning
 
Adversarial Simulation Nickerson/Gates Wild West Hacking Fest Oct 2017
Adversarial Simulation Nickerson/Gates Wild West Hacking Fest Oct 2017Adversarial Simulation Nickerson/Gates Wild West Hacking Fest Oct 2017
Adversarial Simulation Nickerson/Gates Wild West Hacking Fest Oct 2017
 
Pentester++
Pentester++Pentester++
Pentester++
 
Python (part 0)
Python (part 0)Python (part 0)
Python (part 0)
 
How we use Bottle and Elasticsearch
How we use Bottle and ElasticsearchHow we use Bottle and Elasticsearch
How we use Bottle and Elasticsearch
 
PARC Forum 2009: Adventures in SearchLand
PARC Forum 2009: Adventures in SearchLandPARC Forum 2009: Adventures in SearchLand
PARC Forum 2009: Adventures in SearchLand
 
Polymer: welcome to the future!
Polymer: welcome to the future!Polymer: welcome to the future!
Polymer: welcome to the future!
 
Validating big data jobs - Spark AI Summit EU
Validating big data jobs - Spark AI Summit EUValidating big data jobs - Spark AI Summit EU
Validating big data jobs - Spark AI Summit EU
 
Introduction to Web Design for Literary Theorists I: Introduction to HTML (v....
Introduction to Web Design for Literary Theorists I: Introduction to HTML (v....Introduction to Web Design for Literary Theorists I: Introduction to HTML (v....
Introduction to Web Design for Literary Theorists I: Introduction to HTML (v....
 
CONFidence 2018: XSS is dead. We just don't get it (Mario Heiderich)
CONFidence 2018: XSS is dead. We just don't get it (Mario Heiderich)CONFidence 2018: XSS is dead. We just don't get it (Mario Heiderich)
CONFidence 2018: XSS is dead. We just don't get it (Mario Heiderich)
 
DevOps, Performance Optimization and the Green Life with Magento
DevOps, Performance Optimization and the Green Life with MagentoDevOps, Performance Optimization and the Green Life with Magento
DevOps, Performance Optimization and the Green Life with Magento
 
brighton final.pptx
brighton final.pptxbrighton final.pptx
brighton final.pptx
 

More from Felipe Prado

DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directoryDEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directoryFelipe Prado
 
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...Felipe Prado
 
DEF CON 24 - Tamas Szakaly - help i got ants
DEF CON 24 - Tamas Szakaly - help i got antsDEF CON 24 - Tamas Szakaly - help i got ants
DEF CON 24 - Tamas Szakaly - help i got antsFelipe Prado
 
DEF CON 24 - Ladar Levison - compelled decryption
DEF CON 24 - Ladar Levison - compelled decryptionDEF CON 24 - Ladar Levison - compelled decryption
DEF CON 24 - Ladar Levison - compelled decryptionFelipe Prado
 
DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101Felipe Prado
 
DEF CON 24 - Chris Rock - how to overthrow a government
DEF CON 24 - Chris Rock - how to overthrow a governmentDEF CON 24 - Chris Rock - how to overthrow a government
DEF CON 24 - Chris Rock - how to overthrow a governmentFelipe Prado
 
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardwareDEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardwareFelipe Prado
 
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...Felipe Prado
 
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustrationDEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustrationFelipe Prado
 
DEF CON 24 - Gorenc Sands - hacker machine interface
DEF CON 24 - Gorenc Sands - hacker machine interfaceDEF CON 24 - Gorenc Sands - hacker machine interface
DEF CON 24 - Gorenc Sands - hacker machine interfaceFelipe Prado
 
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionistDEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionistFelipe Prado
 
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locksDEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locksFelipe Prado
 
DEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud securityDEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud securityFelipe Prado
 
DEF CON 24 - Grant Bugher - Bypassing captive portals
DEF CON 24 - Grant Bugher - Bypassing captive portalsDEF CON 24 - Grant Bugher - Bypassing captive portals
DEF CON 24 - Grant Bugher - Bypassing captive portalsFelipe Prado
 
DEF CON 24 - Patrick Wardle - 99 problems little snitch
DEF CON 24 - Patrick Wardle - 99 problems little snitchDEF CON 24 - Patrick Wardle - 99 problems little snitch
DEF CON 24 - Patrick Wardle - 99 problems little snitchFelipe Prado
 
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...Felipe Prado
 
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucksDEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucksFelipe Prado
 
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitationDEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitationFelipe Prado
 
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vncDEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vncFelipe Prado
 
DEF CON 24 - Antonio Joseph - fuzzing android devices
DEF CON 24 - Antonio Joseph - fuzzing android devicesDEF CON 24 - Antonio Joseph - fuzzing android devices
DEF CON 24 - Antonio Joseph - fuzzing android devicesFelipe Prado
 

More from Felipe Prado (20)

DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directoryDEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
 
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
 
DEF CON 24 - Tamas Szakaly - help i got ants
DEF CON 24 - Tamas Szakaly - help i got antsDEF CON 24 - Tamas Szakaly - help i got ants
DEF CON 24 - Tamas Szakaly - help i got ants
 
DEF CON 24 - Ladar Levison - compelled decryption
DEF CON 24 - Ladar Levison - compelled decryptionDEF CON 24 - Ladar Levison - compelled decryption
DEF CON 24 - Ladar Levison - compelled decryption
 
DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101
 
DEF CON 24 - Chris Rock - how to overthrow a government
DEF CON 24 - Chris Rock - how to overthrow a governmentDEF CON 24 - Chris Rock - how to overthrow a government
DEF CON 24 - Chris Rock - how to overthrow a government
 
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardwareDEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
 
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
 
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustrationDEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
 
DEF CON 24 - Gorenc Sands - hacker machine interface
DEF CON 24 - Gorenc Sands - hacker machine interfaceDEF CON 24 - Gorenc Sands - hacker machine interface
DEF CON 24 - Gorenc Sands - hacker machine interface
 
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionistDEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
 
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locksDEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
 
DEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud securityDEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud security
 
DEF CON 24 - Grant Bugher - Bypassing captive portals
DEF CON 24 - Grant Bugher - Bypassing captive portalsDEF CON 24 - Grant Bugher - Bypassing captive portals
DEF CON 24 - Grant Bugher - Bypassing captive portals
 
DEF CON 24 - Patrick Wardle - 99 problems little snitch
DEF CON 24 - Patrick Wardle - 99 problems little snitchDEF CON 24 - Patrick Wardle - 99 problems little snitch
DEF CON 24 - Patrick Wardle - 99 problems little snitch
 
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
 
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucksDEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
 
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitationDEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
 
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vncDEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
 
DEF CON 24 - Antonio Joseph - fuzzing android devices
DEF CON 24 - Antonio Joseph - fuzzing android devicesDEF CON 24 - Antonio Joseph - fuzzing android devices
DEF CON 24 - Antonio Joseph - fuzzing android devices
 

Recently uploaded

Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 

Recently uploaded (20)

Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 

DEF CON 23 - Ryan Mitchell - separating bots from humans