Recommended
More Related Content
What's hot
Viewers also liked
Viewers also liked (20)
Similar to Talk proposal crawling web (darker way) for fun and profit
Similar to Talk proposal crawling web (darker way) for fun and profit (20)
More from promediakw
More from promediakw (13)
Talk proposal crawling web (darker way) for fun and profit
- 1. Crawling Web (Darker Way) for Fun and Profit Section A - Personal Data: 1. Name: Tamaghna Basu 2. Email Address: tamaghna.basu@gmail.com 3. Cell phone: +91 9880307435 4. Brief biography: Tamaghna Basu, OSCP, GCIH, RHCE, CEH, ECSA, co-founder of www.weekendsecurity.org, is a security researcher at heart and has been his main areas of research include Web app security and network pen‐testing, exploit development, incident handling and cyber forensic. Being a software developer earlier, he worked in java, .net, ruby etc. and various domains like finance, insurance, gaming etc. He was the winner of NULLCON 2010's hacking challenge. He is a SANS certified mentor for the course – “Sec 504: Hacker Techniques, Exploits and Incident Handling”. He also presented in other security conferences like NULLCON, C0C0N, OWASP, ISACA etc. Tamaghna is one of the core members of NULL security community, he facilitates Chennai/Bangalore NULL Chapter, a frequent speaker of NULL and OWASP meets, conducted multiple hacking workshops in NULL HUMLA, Bangalore. He is an active member of security communities like honeynet, NAISG, DSCI, Clubhack etc. He also contributed to security magazines like Clubhack and ISACA journal. He has achieved various other certifications like Cyber Crime Investigation, Diploma in Cyber Law etc. Talks by Tamaghna: “Network Forensic” at Ground Zero Summit, 2013 (www.g0s.org) “Web Application Security” at ISACA Bangalore 2013 “ “Public Exploit Held in Private” at OWASP Conference Delhi 2012 (www.2012.owasp.in) “Client Side Exploits using PDF” at C0C0N Cochin 2010 (http://is-ra.org/c0c0n/) “JSON Fuzzing” at NULLCON Goa 2011(www.nullcon.net) “Practical Exploitation” at ISACA Bangalore Chapter 2011 Information Security, Past, Present and Future” at Amrita College Cochin 2012 Trainings/workshops by Tamaghna: Network Forensics : 1 day workshop at Ground Zero Summit, 2013 (www.g0s.org) Network Forensics : 1 day workshop at C0C0N Trivandrum September 2013 (http://is- ra.org/c0c0n/) Hackers Versus Developers: 1 day workshop at Clubhack Pune December 2012 (http://www.clubhack.com/) Basics of Web Security: 1 day workshop at Payatu/TestYantra Bangalore November 2012 Basics of Web Hacking: 1 day workshop at Amrita College Cochin September 2012 Network Forensic: 1 day workshop at C0C0N Trivandrum September 2013 (http://is- ra.org/c0c0n/) Cyber Crime Investigation and Information Warfare : Multiple workshops for govt. agencies and defense organizations
- 2. Cyber Security Awareness: 1 day workshop in BVB Eng. College, Hubli, 2014 Ethical Hacking: at Corporates Bangalore 2010-11 Online Twitter: @titanlambda Linkedin: http://www.linkedin.com/in/tamaghnabasu Slideshare: http://slideshare.net/titanlambda/presentations Section B – Topic details: 1. Title: Crawling Web (Darker Way) for Fun and Profit 2. Brief Description: Lots of times we talk about targeted attacks where profiling or in general reconnaissance is critical and most important thing to do very well. Without gathering valid and appropriate information you might not be able to trigger a successful attack. Here I have created a web proxy based tool which helps to map the web based on their relevance and internal references. What I will be mostly covering in this topic is: a) How to crawl through web and search through it in automated manner for a specific interest. b) How to bypass, or rather postpone captcha which prevents you to do automated crawling through search engines c) TOOL RELEASE - Site Mapper : A web proxy based tool which parses through the web proxy logs after the user is done with browsing and give you hidden, juicy information about internal servers which the public server refer to while loading the responses.