Intrusions and the Modern Web
Benjamin Scott
November 23, 2015
how and why bad guys break into servers
Transcript
Intrusions and the Modern Web Benjamin Scott
[email protected]

The Modern Web
Threat model: high - organized e-crime / espionage groups
Risk profile: high - web developers want features / uptime
Defense budget: low - until breach hits the news

Goal of Intrusions
Liquid assets: credit cards / incoming traffic / hosting
Enterprise access: non-segmented network / shared admin
Great visibility: build profile of visitors who trust the site

Intrusion Lifecycle
Break In: find and exploit websec / appsec issue
Dig In: install persistent backdoor
Spread Out: rinse and repeat

Break In
Choose target: highly trafficked / VIPs of interest
Try bruteforce: default admin / SQLi / file inclusion
Use exploit: vulnerable service / CMS

(really) Break In
Steal creds: phish admins / keylog home machines
Buy access: hire mercenaries / logins from underground
SIGINT: Use active MITM to inject binaries

Dig In
Install webshell:
  e-crime - PHP shells
  CN: Shell Crew - ASP shells
  RU: Crouching Yeti - JavaScript patchwork
  RU: APT28 - custom kit with analytics
Keep access: local privilege escalation / new accounts

Spread Out
Identify victims: profile visitors / validate VIPs
Deliver exploits: serve up tailored exploit
Relay traffic: implant commands sent via covert channel

Mitigations
Monitoring: new referers / odd scripts / insecure configs
Agile response: share tools between operations / security / IT
Clean deploys: test appsec for CI / hardened images / CSP
Hygiene checks: scan / honeyclient / red team your site

Thanks for listening
Benjamin Scott
[email protected]
github.com/benjaminxscott
about.me/benjaminxscott