The Friendly Traitor: Our Software Wants to Kill Us

ShmooCon VI - 2010

Presented by: Colin Ames, T. OConnor
Date: Sunday February 07, 2010
Time: 11:00 - 12:00
Location: Front Room
Track: Break It!

<p>Browsers, client applications and web functionality are becoming more and more complex as time goes on. In this presentation, Kevin Johnson and Mike Poor of InGuardians will discuss how instead of focusing on 0-day exploits, attackers and penetration testers are able to use the features of our systems against us. They will explore the usage of browser hooks, client provided content and malicious flash applications all in attacking client machines and organizations. During this talk, Kevin and Mike will be debuting tools that they have developed in house to exploit the functionality of these clients. This talk focuses on providing the audience with an understanding of the attacks, examples (including code) of how the attacks are accomplished and copies of the tools used.</p>

Links

Kevin Johnson

<p>Kevin Johnson is a senior security analyst for InGuardians. Kevin is a web app samurai.</p>

Mike Poor

<p>Mike Poor is a senior security analyst for InGuardians. Mike has packet fu.</p>


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats