FireShark – A Tool to Link the Malicious Web

Expo Theatre (Hall G) October 18, 2011 - Feedback     

Bookmark and Share

Stephan Chenette

Thousands of legitimate web sites serve malicious content to millions of visitors each and every day. Trying to piece all the data together to confirm any similarities between possible common patterns within these websites, such as re-directors that belong to the same IP, IP range, or ASN, and reconstructing the final deobfuscated code can be time-consuming and sometimes impossible given many of the freely available tools. Stephan will present Fireshark, the second version of an open source web security research tool. This technology is capable of visiting large collections of websites at a time, executing, storing and correlating the content, and from it, identifying hundreds of malicious ecosystems.

Join Stephan as he uncovers, in real time, legitimate Canadian Web sites that have been infected, and the malicious eco-systems they are linked to.