Exatel Security Days 2017:May the data stay with U! - network data exfiltration techniques.
Slides from my talk @ NGSec 2016 Conference - Warsaw.
During the presentation, I will show you how to implement and use the OWASP Appsensor project as an early detection and warning system. I will talk about the appsensor control points of the family:
RequestException, AuthenticationException, SessionException, InputException, HoneyTrap and others.
We will analyze together two scenarios for implementation: low-level WAFs built into the higher-level WAF application in Reverse Proxy architecture.
"Know your enemy" - a motto that we should be guided in the interests of developing the defensive capabilities of security teams and the honeypot network definitely has a lot of value here.
During the lecture, I will try to present ways of using and possibilities offered by open source honeypot solutions. We will talk about single projects imitating real services (DNS, SMB, SSH, SCP / SFTP, FTP, telnet, HTTP, TFTP, MySQL / MSSQL, RDP and many others), reverse proxy honeypot content injection into web applications, attacking attackers; Ending with dedicated platforms with built-in stack ELK.