SlideShare a Scribd company logo

Owasp universal-http-do s

Download as PPT, PDF
E Hacking
E Hacking

This document summarizes two HTTP denial-of-service (DoS) attacks called Slowloris and R-U-D-Y. Slowloris abuses HTTP header handling by slowly injecting custom headers to keep connections open indefinitely. R-U-D-Y similarly abuses form fields to create zombie application threads. The document discusses how these attacks work, demonstrations of the attacks, and recommendations for mitigating them including modifying server timeouts and using a tool like ModSecurity to limit requests. Future research ideas are also proposed to explore HTTP protocol fuzzing and other potential attack vectors.

Technology
1 of 19
[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object]
 
How Would You Like Your Website? Slow or DEAD ? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SlowLoris ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SlowLoris ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SlowLoris ,[object Object]
SlowLoris Mitigation
Patching Apache ,[object Object]
According to SpiderLabs: ,[object Object],[object Object],[object Object]
R-U-D-Y ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Vulnerability discovered by Tom Brennan and Wong Onn Chee: http://www.owasp.org/images/4/43/Layer_7_DDOS.pdf
R-U-D-Y ,[object Object]
Waging War Upon SCADA
Waging War Upon SCADA ,[object Object],[object Object]
R-U-D-Y Mitigation ,[object Object],[object Object]
Other (potential?) Attack Vectors ,[object Object],[object Object]
Future Research ,[object Object],[object Object],If we knew what it was we were doing, it would not be called research, would it? (Albert Einstein)
[object Object],[object Object],[object Object],[object Object],[object Object],Reference
[object Object],Thank You

Recommended

Data Base Attack
Data Base AttackData Base Attack
Data Base AttackMohammadbagher Bahador
 
Web Cache Poisoning
Web Cache PoisoningWeb Cache Poisoning
Web Cache Poisoning
KuldeepPandya5
 
Menggunakan Kali Linux Untuk Mengetahui Kelemahan Implementasi TI
Menggunakan Kali Linux Untuk Mengetahui Kelemahan Implementasi TIMenggunakan Kali Linux Untuk Mengetahui Kelemahan Implementasi TI
Menggunakan Kali Linux Untuk Mengetahui Kelemahan Implementasi TI
Ismail Fahmi
 
Hack ASP.NET website
Hack ASP.NET websiteHack ASP.NET website
Hack ASP.NET website
Positive Hack Days
 
Serverless Security: Defence Against the Dark Arts
Serverless Security: Defence Against the Dark ArtsServerless Security: Defence Against the Dark Arts
Serverless Security: Defence Against the Dark Arts
Yan Cui
 
Adding Identity Management and Access Control to your Application, Authorization
Adding Identity Management and Access Control to your Application, AuthorizationAdding Identity Management and Access Control to your Application, Authorization
Adding Identity Management and Access Control to your Application, Authorization
Fernando Lopez Aguilar
 
IdM and AC
IdM and ACIdM and AC
IdM and AC
Fernando Lopez Aguilar
 
Pagina web Skoliosis iluminada Cristina Alarcon
Pagina web Skoliosis iluminada Cristina AlarconPagina web Skoliosis iluminada Cristina Alarcon
Pagina web Skoliosis iluminada Cristina AlarconCristina Alarcon
 

Recommended

Data Base Attack
Data Base AttackData Base Attack
Data Base AttackMohammadbagher Bahador
 
Web Cache Poisoning
Web Cache PoisoningWeb Cache Poisoning
Web Cache Poisoning
KuldeepPandya5
 
Menggunakan Kali Linux Untuk Mengetahui Kelemahan Implementasi TI
Menggunakan Kali Linux Untuk Mengetahui Kelemahan Implementasi TIMenggunakan Kali Linux Untuk Mengetahui Kelemahan Implementasi TI
Menggunakan Kali Linux Untuk Mengetahui Kelemahan Implementasi TI
Ismail Fahmi
 
Hack ASP.NET website
Hack ASP.NET websiteHack ASP.NET website
Hack ASP.NET website
Positive Hack Days
 
Serverless Security: Defence Against the Dark Arts
Serverless Security: Defence Against the Dark ArtsServerless Security: Defence Against the Dark Arts
Serverless Security: Defence Against the Dark Arts
Yan Cui
 
Adding Identity Management and Access Control to your Application, Authorization
Adding Identity Management and Access Control to your Application, AuthorizationAdding Identity Management and Access Control to your Application, Authorization
Adding Identity Management and Access Control to your Application, Authorization
Fernando Lopez Aguilar
 
IdM and AC
IdM and ACIdM and AC
IdM and AC
Fernando Lopez Aguilar
 
Pagina web Skoliosis iluminada Cristina Alarcon
Pagina web Skoliosis iluminada Cristina AlarconPagina web Skoliosis iluminada Cristina Alarcon
Pagina web Skoliosis iluminada Cristina AlarconCristina Alarcon
 
Pagina web Skoliosis iluminada Roberto Leon
Pagina web Skoliosis iluminada Roberto LeonPagina web Skoliosis iluminada Roberto Leon
Pagina web Skoliosis iluminada Roberto LeonCristina Alarcon
 
Owasp universal-http-do s
Owasp universal-http-do sOwasp universal-http-do s
Owasp universal-http-do s
E Hacking
 
Pc school broi 1
Pc school broi 1Pc school broi 1
Pc school broi 1Ремонт и поддръжка на компютърни системи и локални мрежи
 
Pagina web Skoliosis Iluminada Stefania Andrade
Pagina web Skoliosis Iluminada Stefania AndradePagina web Skoliosis Iluminada Stefania Andrade
Pagina web Skoliosis Iluminada Stefania AndradeCristina Alarcon
 
Unmasking or De-Anonymizing You
Unmasking or De-Anonymizing YouUnmasking or De-Anonymizing You
Unmasking or De-Anonymizing You
E Hacking
 
Pagina web Skoliosis iluminada Valeria Dìaz
Pagina web Skoliosis iluminada Valeria DìazPagina web Skoliosis iluminada Valeria Dìaz
Pagina web Skoliosis iluminada Valeria DìazCristina Alarcon
 
Abusing Microsoft Kerberos - Sorry you guys don’t get it
Abusing Microsoft Kerberos - Sorry you guys don’t get itAbusing Microsoft Kerberos - Sorry you guys don’t get it
Abusing Microsoft Kerberos - Sorry you guys don’t get itE Hacking
 
LDAP Injections & Blind LDAP Injections Paper
LDAP Injections & Blind LDAP Injections PaperLDAP Injections & Blind LDAP Injections Paper
LDAP Injections & Blind LDAP Injections Paper
E Hacking
 
Full Web Stack Security
Full Web Stack SecurityFull Web Stack Security
Full Web Stack Security
Drupal Portugal
 
Defending Against Application DoS attacks
Defending Against Application DoS attacksDefending Against Application DoS attacks
Defending Against Application DoS attacks
Roberto Suggi Liverani
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
MarketingArrowECS_CZ
 
Implementation Of real testbed of DDOS
Implementation Of real testbed of DDOSImplementation Of real testbed of DDOS
Implementation Of real testbed of DDOS
Jatin Singh
 
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Jeremiah Grossman
 
SSRF For Bug Bounties
SSRF For Bug BountiesSSRF For Bug Bounties
SSRF For Bug Bounties
OWASP Nagpur
 
Azure WAf
Azure WAfAzure WAf
Azure WAf
PutraPribumi4
 
Defending against application level DoS attacks
Defending against application level DoS attacksDefending against application level DoS attacks
Defending against application level DoS attacks
Chu Xu
 
Rich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safeRich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safeJeremiah Grossman
 
bh-usa-07-grossman-WP.pdf
bh-usa-07-grossman-WP.pdfbh-usa-07-grossman-WP.pdf
bh-usa-07-grossman-WP.pdf
cyberhacker7
 
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan KuskosCONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
PROIDEA
 
Abusing Exploiting and Pwning with Firefox Addons
Abusing Exploiting and Pwning with Firefox AddonsAbusing Exploiting and Pwning with Firefox Addons
Abusing Exploiting and Pwning with Firefox AddonsAjin Abraham
 
Ch 22: Web Hosting and Internet Servers
Ch 22: Web Hosting and Internet ServersCh 22: Web Hosting and Internet Servers
Ch 22: Web Hosting and Internet Serverswebhostingguy
 
Owasp Top 10 - Owasp Pune Chapter - January 2008
Owasp Top 10 - Owasp Pune Chapter - January 2008Owasp Top 10 - Owasp Pune Chapter - January 2008
Owasp Top 10 - Owasp Pune Chapter - January 2008
abhijitapatil
 

More Related Content

Viewers also liked

Pagina web Skoliosis iluminada Roberto Leon
Pagina web Skoliosis iluminada Roberto LeonPagina web Skoliosis iluminada Roberto Leon
Pagina web Skoliosis iluminada Roberto LeonCristina Alarcon
 
Owasp universal-http-do s
Owasp universal-http-do sOwasp universal-http-do s
Owasp universal-http-do s
E Hacking
 
Pagina web Skoliosis Iluminada Stefania Andrade
Pagina web Skoliosis Iluminada Stefania AndradePagina web Skoliosis Iluminada Stefania Andrade
Pagina web Skoliosis Iluminada Stefania AndradeCristina Alarcon
 
Unmasking or De-Anonymizing You
Unmasking or De-Anonymizing YouUnmasking or De-Anonymizing You
Unmasking or De-Anonymizing You
E Hacking
 
Pagina web Skoliosis iluminada Valeria Dìaz
Pagina web Skoliosis iluminada Valeria DìazPagina web Skoliosis iluminada Valeria Dìaz
Pagina web Skoliosis iluminada Valeria DìazCristina Alarcon
 
Abusing Microsoft Kerberos - Sorry you guys don’t get it
Abusing Microsoft Kerberos - Sorry you guys don’t get itAbusing Microsoft Kerberos - Sorry you guys don’t get it
Abusing Microsoft Kerberos - Sorry you guys don’t get itE Hacking
 
LDAP Injections & Blind LDAP Injections Paper
LDAP Injections & Blind LDAP Injections PaperLDAP Injections & Blind LDAP Injections Paper
LDAP Injections & Blind LDAP Injections Paper
E Hacking
 

Viewers also liked (8)

Pagina web Skoliosis iluminada Roberto Leon
Pagina web Skoliosis iluminada Roberto LeonPagina web Skoliosis iluminada Roberto Leon
Pagina web Skoliosis iluminada Roberto Leon
 
Owasp universal-http-do s
Owasp universal-http-do sOwasp universal-http-do s
Owasp universal-http-do s
 
Pc school broi 1
Pc school broi 1Pc school broi 1
Pc school broi 1
 
Pagina web Skoliosis Iluminada Stefania Andrade
Pagina web Skoliosis Iluminada Stefania AndradePagina web Skoliosis Iluminada Stefania Andrade
Pagina web Skoliosis Iluminada Stefania Andrade
 
Unmasking or De-Anonymizing You
Unmasking or De-Anonymizing YouUnmasking or De-Anonymizing You
Unmasking or De-Anonymizing You
 
Pagina web Skoliosis iluminada Valeria Dìaz
Pagina web Skoliosis iluminada Valeria DìazPagina web Skoliosis iluminada Valeria Dìaz
Pagina web Skoliosis iluminada Valeria Dìaz
 
Abusing Microsoft Kerberos - Sorry you guys don’t get it
Abusing Microsoft Kerberos - Sorry you guys don’t get itAbusing Microsoft Kerberos - Sorry you guys don’t get it
Abusing Microsoft Kerberos - Sorry you guys don’t get it
 
LDAP Injections & Blind LDAP Injections Paper
LDAP Injections & Blind LDAP Injections PaperLDAP Injections & Blind LDAP Injections Paper
LDAP Injections & Blind LDAP Injections Paper
 

Similar to Owasp universal-http-do s

Full Web Stack Security
Full Web Stack SecurityFull Web Stack Security
Full Web Stack Security
Drupal Portugal
 
Defending Against Application DoS attacks
Defending Against Application DoS attacksDefending Against Application DoS attacks
Defending Against Application DoS attacks
Roberto Suggi Liverani
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
MarketingArrowECS_CZ
 
Implementation Of real testbed of DDOS
Implementation Of real testbed of DDOSImplementation Of real testbed of DDOS
Implementation Of real testbed of DDOS
Jatin Singh
 
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Jeremiah Grossman
 
SSRF For Bug Bounties
SSRF For Bug BountiesSSRF For Bug Bounties
SSRF For Bug Bounties
OWASP Nagpur
 
Azure WAf
Azure WAfAzure WAf
Azure WAf
PutraPribumi4
 
Defending against application level DoS attacks
Defending against application level DoS attacksDefending against application level DoS attacks
Defending against application level DoS attacks
Chu Xu
 
Rich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safeRich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safeJeremiah Grossman
 
bh-usa-07-grossman-WP.pdf
bh-usa-07-grossman-WP.pdfbh-usa-07-grossman-WP.pdf
bh-usa-07-grossman-WP.pdf
cyberhacker7
 
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan KuskosCONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
PROIDEA
 
Abusing Exploiting and Pwning with Firefox Addons
Abusing Exploiting and Pwning with Firefox AddonsAbusing Exploiting and Pwning with Firefox Addons
Abusing Exploiting and Pwning with Firefox AddonsAjin Abraham
 
Ch 22: Web Hosting and Internet Servers
Ch 22: Web Hosting and Internet ServersCh 22: Web Hosting and Internet Servers
Ch 22: Web Hosting and Internet Serverswebhostingguy
 
Owasp Top 10 - Owasp Pune Chapter - January 2008
Owasp Top 10 - Owasp Pune Chapter - January 2008Owasp Top 10 - Owasp Pune Chapter - January 2008
Owasp Top 10 - Owasp Pune Chapter - January 2008
abhijitapatil
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecuritiesamiable_indian
 
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian CrenshawTakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian CrenshawEC-Council
 
Vorlesung "Web-Technologies"
Vorlesung "Web-Technologies" Vorlesung "Web-Technologies"
Vorlesung "Web-Technologies"
Wolfgang Wiese
 
Layer 7 ddos
Layer 7 ddosLayer 7 ddos
Layer 7 ddosfangjiafu
 
Wifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and DrinkWifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and DrinkSecurityTube.Net
 
PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...
PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...
PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...
PROIDEA
 

Similar to Owasp universal-http-do s (20)

Full Web Stack Security
Full Web Stack SecurityFull Web Stack Security
Full Web Stack Security
 
Defending Against Application DoS attacks
Defending Against Application DoS attacksDefending Against Application DoS attacks
Defending Against Application DoS attacks
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
 
Implementation Of real testbed of DDOS
Implementation Of real testbed of DDOSImplementation Of real testbed of DDOS
Implementation Of real testbed of DDOS
 
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
 
SSRF For Bug Bounties
SSRF For Bug BountiesSSRF For Bug Bounties
SSRF For Bug Bounties
 
Azure WAf
Azure WAfAzure WAf
Azure WAf
 
Defending against application level DoS attacks
Defending against application level DoS attacksDefending against application level DoS attacks
Defending against application level DoS attacks
 
Rich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safeRich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safe
 
bh-usa-07-grossman-WP.pdf
bh-usa-07-grossman-WP.pdfbh-usa-07-grossman-WP.pdf
bh-usa-07-grossman-WP.pdf
 
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan KuskosCONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
 
Abusing Exploiting and Pwning with Firefox Addons
Abusing Exploiting and Pwning with Firefox AddonsAbusing Exploiting and Pwning with Firefox Addons
Abusing Exploiting and Pwning with Firefox Addons
 
Ch 22: Web Hosting and Internet Servers
Ch 22: Web Hosting and Internet ServersCh 22: Web Hosting and Internet Servers
Ch 22: Web Hosting and Internet Servers
 
Owasp Top 10 - Owasp Pune Chapter - January 2008
Owasp Top 10 - Owasp Pune Chapter - January 2008Owasp Top 10 - Owasp Pune Chapter - January 2008
Owasp Top 10 - Owasp Pune Chapter - January 2008
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecurities
 
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian CrenshawTakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
 
Vorlesung "Web-Technologies"
Vorlesung "Web-Technologies" Vorlesung "Web-Technologies"
Vorlesung "Web-Technologies"
 
Layer 7 ddos
Layer 7 ddosLayer 7 ddos
Layer 7 ddos
 
Wifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and DrinkWifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and Drink
 
PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...
PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...
PLNOG 17 - Patryk Wojtachnio - DDoS mitygacja oraz ochrona sieci w środowisku...
 

More from E Hacking

CEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH AcademyCEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH Academy
E Hacking
 
Threats against the next billion devices
Threats against the next billion devicesThreats against the next billion devices
Threats against the next billion devices
E Hacking
 
High Definition Fuzzing; Exploring HDMI vulnerabilities
High Definition Fuzzing; Exploring HDMI vulnerabilitiesHigh Definition Fuzzing; Exploring HDMI vulnerabilities
High Definition Fuzzing; Exploring HDMI vulnerabilities
E Hacking
 
New Developments in the BREACH attack
New Developments in the BREACH attackNew Developments in the BREACH attack
New Developments in the BREACH attack
E Hacking
 
Exploiting Linux On 32-bit and 64-bit Systems
Exploiting Linux On 32-bit and 64-bit SystemsExploiting Linux On 32-bit and 64-bit Systems
Exploiting Linux On 32-bit and 64-bit Systems
E Hacking
 
Most Important steps to become a hacker
Most Important steps to become a hackerMost Important steps to become a hacker
Most Important steps to become a hacker
E Hacking
 
Penetrating the Perimeter - Tales from the Battlefield
Penetrating the Perimeter - Tales from the BattlefieldPenetrating the Perimeter - Tales from the Battlefield
Penetrating the Perimeter - Tales from the Battlefield
E Hacking
 
Website fingerprinting on TOR
Website fingerprinting on TORWebsite fingerprinting on TOR
Website fingerprinting on TOR
E Hacking
 
Fuzzing the Media Framework in Android
Fuzzing the Media Framework in AndroidFuzzing the Media Framework in Android
Fuzzing the Media Framework in Android
E Hacking
 
Stalking a City for Fun and Frivolity" Defcon Talk
Stalking a City for Fun and Frivolity" Defcon TalkStalking a City for Fun and Frivolity" Defcon Talk
Stalking a City for Fun and Frivolity" Defcon TalkE Hacking
 
Hacking Wireless World, RFID hacking
Hacking Wireless World, RFID hackingHacking Wireless World, RFID hacking
Hacking Wireless World, RFID hacking
E Hacking
 
Malicious Domain Profiling
Malicious Domain Profiling Malicious Domain Profiling
Malicious Domain Profiling
E Hacking
 
Searching Shodan For Fun And Profit
Searching Shodan For Fun And ProfitSearching Shodan For Fun And Profit
Searching Shodan For Fun And Profit
E Hacking
 
The Machines that Betrayed their Masters
The Machines that Betrayed their MastersThe Machines that Betrayed their Masters
The Machines that Betrayed their Masters
E Hacking
 
Detecting Bluetooth Surveillance Systems
Detecting Bluetooth Surveillance SystemsDetecting Bluetooth Surveillance Systems
Detecting Bluetooth Surveillance Systems
E Hacking
 
WhatsApp Chat Hacking/Stealing POC
WhatsApp Chat Hacking/Stealing POCWhatsApp Chat Hacking/Stealing POC
WhatsApp Chat Hacking/Stealing POC
E Hacking
 
Building Trojan Hardware at Home
Building Trojan Hardware at HomeBuilding Trojan Hardware at Home
Building Trojan Hardware at Home
E Hacking
 
Social Media Monitoring tools as an OSINT platform for intelligence
Social Media Monitoring tools as an OSINT platform for intelligenceSocial Media Monitoring tools as an OSINT platform for intelligence
Social Media Monitoring tools as an OSINT platform for intelligence
E Hacking
 
Reversing and Malware Analysis
Reversing and Malware Analysis Reversing and Malware Analysis
Reversing and Malware Analysis
E Hacking
 
Metasploit - The Exploit Learning Tree
Metasploit - The Exploit Learning TreeMetasploit - The Exploit Learning Tree
Metasploit - The Exploit Learning Tree
E Hacking
 

More from E Hacking (20)

CEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH AcademyCEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH Academy
 
Threats against the next billion devices
Threats against the next billion devicesThreats against the next billion devices
Threats against the next billion devices
 
High Definition Fuzzing; Exploring HDMI vulnerabilities
High Definition Fuzzing; Exploring HDMI vulnerabilitiesHigh Definition Fuzzing; Exploring HDMI vulnerabilities
High Definition Fuzzing; Exploring HDMI vulnerabilities
 
New Developments in the BREACH attack
New Developments in the BREACH attackNew Developments in the BREACH attack
New Developments in the BREACH attack
 
Exploiting Linux On 32-bit and 64-bit Systems
Exploiting Linux On 32-bit and 64-bit SystemsExploiting Linux On 32-bit and 64-bit Systems
Exploiting Linux On 32-bit and 64-bit Systems
 
Most Important steps to become a hacker
Most Important steps to become a hackerMost Important steps to become a hacker
Most Important steps to become a hacker
 
Penetrating the Perimeter - Tales from the Battlefield
Penetrating the Perimeter - Tales from the BattlefieldPenetrating the Perimeter - Tales from the Battlefield
Penetrating the Perimeter - Tales from the Battlefield
 
Website fingerprinting on TOR
Website fingerprinting on TORWebsite fingerprinting on TOR
Website fingerprinting on TOR
 
Fuzzing the Media Framework in Android
Fuzzing the Media Framework in AndroidFuzzing the Media Framework in Android
Fuzzing the Media Framework in Android
 
Stalking a City for Fun and Frivolity" Defcon Talk
Stalking a City for Fun and Frivolity" Defcon TalkStalking a City for Fun and Frivolity" Defcon Talk
Stalking a City for Fun and Frivolity" Defcon Talk
 
Hacking Wireless World, RFID hacking
Hacking Wireless World, RFID hackingHacking Wireless World, RFID hacking
Hacking Wireless World, RFID hacking
 
Malicious Domain Profiling
Malicious Domain Profiling Malicious Domain Profiling
Malicious Domain Profiling
 
Searching Shodan For Fun And Profit
Searching Shodan For Fun And ProfitSearching Shodan For Fun And Profit
Searching Shodan For Fun And Profit
 
The Machines that Betrayed their Masters
The Machines that Betrayed their MastersThe Machines that Betrayed their Masters
The Machines that Betrayed their Masters
 
Detecting Bluetooth Surveillance Systems
Detecting Bluetooth Surveillance SystemsDetecting Bluetooth Surveillance Systems
Detecting Bluetooth Surveillance Systems
 
WhatsApp Chat Hacking/Stealing POC
WhatsApp Chat Hacking/Stealing POCWhatsApp Chat Hacking/Stealing POC
WhatsApp Chat Hacking/Stealing POC
 
Building Trojan Hardware at Home
Building Trojan Hardware at HomeBuilding Trojan Hardware at Home
Building Trojan Hardware at Home
 
Social Media Monitoring tools as an OSINT platform for intelligence
Social Media Monitoring tools as an OSINT platform for intelligenceSocial Media Monitoring tools as an OSINT platform for intelligence
Social Media Monitoring tools as an OSINT platform for intelligence
 
Reversing and Malware Analysis
Reversing and Malware Analysis Reversing and Malware Analysis
Reversing and Malware Analysis
 
Metasploit - The Exploit Learning Tree
Metasploit - The Exploit Learning TreeMetasploit - The Exploit Learning Tree
Metasploit - The Exploit Learning Tree
 

Recently uploaded

Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
CatarinaPereira64715
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 

Recently uploaded (20)

Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 

Owasp universal-http-do s