SlideShare una empresa de Scribd logo

44CON 2014 - Binary Protocol Analysis with CANAPE, James Forshaw

44CON
44CON

44CON 2014 - Binary Protocol Analysis with CANAPE, James Forshaw CANAPE is an open source network proxy written in .NET. It has been developed to aid in the analysis and exploitation of unknown application network protocols using a similar use case to common HTTP proxies such as Burp or CAT. This workshop will go through the basics of analysing an unknown application protocol with hands on training examples. By the end of the workshop candidates should be able to better understand CANAPE’s functionality and be able to apply that to other protocols they come across.

Tecnología
1 de 50
Descargar para leer sin conexión
Binary Protocol Analysis with CANAPE James Forshaw
Schedule 1.What is CANAPE? 2.Say Hello to SuperFunkyChat 3.Proxying and Capturing Traffic 4.NetGraphs 5.Modelling State Transitions 6.Removing SSL/Layers 7.Traffic Manipulation and Replay 8.Developing Network Clients 9.Wrap Up https://www.github.com/tyranid/44con_2014
Playing Along at Home •Pre-built binaries available at: •https://www.github.com/tyranid/44con_2014 •Example projects and slides will come later ASK QUESTIONS https://www.github.com/tyranid/44con_2014
What is CANAPE? •Arbitrary Network Protocol Capture Tool •Specifically designed for Binary Protocols •Windows focused (some Mono support) •Open source, GPLv3, written in C# •https://www.github.com/ctxis/canape https://www.github.com/tyranid/44con_2014
What Makes CANAPE Different? •Number of tools to generate or fuzz network traffic •Scapy, Peach, Sulleyetc. •Takes Web Application Testing Paradigm and applies to arbitrary protocols •GUI •Easy packet manipulation •Quick feedback https://www.github.com/tyranid/44con_2014
Workshop 0: Quick Tour of CANAPE https://www.github.com/tyranid/44con_2014
Say Hello to Super Funky Chat!!11! https://www.github.com/tyranid/44con_2014
SuperFunkyChat •Simple Windows IM Application •Written originally as a CTF and CANAPE tutorial •Uses a binary protocol •Supports SOCKS •Has a few “Undocumented” features •Sourcecodeavailable at https://www.github.com/tyranid/SuperFunkyChat •Don’t use as a real IM system  https://www.github.com/tyranid/44con_2014
Workshop 1: Quick Tour of SuperFunkyChat https://www.github.com/tyranid/44con_2014
Proxying and Capturing Traffic •CANAPE Supports Many Ways of Proxying Traffic: •TCP/UDP Port Forwarding •SOCKS v4/v5 Proxy •HTTP Forward and Reverse Proxies •Can develop your own extensions to support other types of networks (NamedPipes, COM ports) •Also supports Servers and Clients https://www.github.com/tyranid/44con_2014
Identifying Suitable Traffic •Need to work out what traffic to capture •Reverse Engineering •Wireshark/PCAP https://www.github.com/tyranid/44con_2014
Forcing Traffic Through CANAPE •CANAPE works at Application Level (TCP/UDP) not network •Traffic from Application needs to go through CANAPE •Proxy support •DNS redirecting •DNAT •SOCKSifyingtools (Proxifierfor example) https://www.github.com/tyranid/44con_2014
Services •CANAPE insolates your project into a set of services. •You define a template for your service: •Data flow •State model •Dynamic content •When a new connection is made an Instance is instantiated based on the template https://www.github.com/tyranid/44con_2014
Workshop 2: Capturing SuperFunkyChat https://www.github.com/tyranid/44con_2014
NetGraphs https://www.github.com/tyranid/44con_2014
NetGraphs •NetGraphsused to mode data flow and state •Specified as a directed graph •Standard graph nodes available •Can implement custom nodes in C#/IronPython https://www.github.com/tyranid/44con_2014
Specifying a NetGraph Select Default Graph https://www.github.com/tyranid/44con_2014
Netgraphin Service Context Client Application Server Application https://www.github.com/tyranid/44con_2014
Some Standard Nodes Name Description LogNode Logspackets as they traverse the node Decision Node Performs an IF condition on packets Switch Node Selecton output based on state Edit Node Displaysa dialog to allow manual packet editing Dynamic Node Scripted content Layer Section Graphcontainer and layer processing https://www.github.com/tyranid/44con_2014
Graph User Interface •Create a new graph by right clicking project explorer •Left Click to Select and Drag Nodes •Right Click to Add Nodes •Hold and Drag Middle Button to Add Edges •Can also hold left Control and use Left button •Nodes can be disabled from right click menu https://www.github.com/tyranid/44con_2014
Node Properties https://www.github.com/tyranid/44con_2014
Node Filters •Each node has a Filters property •Defines match rules for what packets the node will process https://www.github.com/tyranid/44con_2014
Workshop 3: Playing with Netgraphs https://www.github.com/tyranid/44con_2014
Traffic Analysis https://www.github.com/tyranid/44con_2014
Packet Logging •Only packets which traverse a log node in a graph end up being logged (well unless you do it manually) •Affected by node filters •Can specify a number of properties: •Colour •Logged Name https://www.github.com/tyranid/44con_2014
Workshop 4: Packet Logging Interface https://www.github.com/tyranid/44con_2014
Packet Tools •Analysis of traffic means looking at binary data •Many different tasks: •Comparing packets and sequences of packets •Importing and exporting data •Searching https://www.github.com/tyranid/44con_2014
Workshop 5: Packet Tools https://www.github.com/tyranid/44con_2014
Parsing Traffic •CANAPE’s data pipeline can be scripted using C# or Python •Not necessarily easy thing to do •Parser editor to the rescue https://www.github.com/tyranid/44con_2014
Parser Editor https://www.github.com/tyranid/44con_2014
Parser Editor •Build protocol structure in GUI •Defines 3 types: •Sequences •Enumerations •Parsers •Supports complex expressions, TLV, sub-sequences etc. •Compiles to C# parser script, can be exported and tweaked https://www.github.com/tyranid/44con_2014
Parsed Packet Format Root Key (/) Key A Value Y Key B Value X SelectionPath= /A/Y •Nodes and filtessupport a Selection Path •Uses an XPATH syntax to determine selection https://www.github.com/tyranid/44con_2014
SuperFunkyChatPacket Structure Length (4 bytes) Checksum (4 bytes) Data (Length bytes) Command (1 byte) Command Specific Data (Length-1 bytes) https://www.github.com/tyranid/44con_2014
Workshop 6: Parser Development https://www.github.com/tyranid/44con_2014
Removing TLS/Layers •One of the most common security protocols is TLS/SSL •CANAPE doesn’t assume it knows better than you whether a connection is TLS or not •Can wrap and decrypt entire connection https://www.github.com/tyranid/44con_2014
Workshop 7: Remove TLS Encryption https://www.github.com/tyranid/44con_2014
State Modelling https://www.github.com/tyranid/44con_2014
State Modelling •Most protocols aren’t simple streams of data •Need to deal with State •Main way of handling this in CANAPE is through the netgraphs •Also simpler interface using state graphs https://www.github.com/tyranid/44con_2014
Meta Data Storage Service 1 Instance Local Meta Service 1 Instance Global Meta Local Meta Service 2 Instance Local Meta Project Meta https://www.github.com/tyranid/44con_2014
Accessing Meta Data Storage •Local (Graph.Meta) •Global (Graph.GlobalMeta) •Project (CANAPEProject.CurrentProject.GlobalMeta) •Layers (this.Meta/this.GlobalMeta) https://www.github.com/tyranid/44con_2014
MetaSelection •Already seen XPATH SelectionPath •Filters can also select on MetaData •Examples: •#MetaName–Select the local meta value •$MetaName–Select the global meta value https://www.github.com/tyranid/44con_2014
Workshop 8: Developing XOR Decryption https://www.github.com/tyranid/44con_2014
Traffic Manipulation and Replay https://www.github.com/tyranid/44con_2014
Dealing with Checksums •Up to now we’ve only looked at packets, never changed and replayed them •Something prevents us doing this, the checksum •Could write a script to fix up checksum after modification •Parser editor also gives some basic functions to do this for us https://www.github.com/tyranid/44con_2014
Expressions •Parser editor supports a python-like syntax expression evaluator •Combine with calculated values to recalculate checksum •Can even use python snippets: DoChecksum.RunMe(Command, bytes(Payload)) https://www.github.com/tyranid/44con_2014
Workshop 9: Packet Replay and Injection https://www.github.com/tyranid/44con_2014
Developing Network Clients https://www.github.com/tyranid/44con_2014
Network Clients •CANAPE supports developing network clients •Designed to allow reuse of work developed through MitM(graphs/scripts) to be reused with the minimal of effort •Can be used for fuzzing or other automated tasks. https://www.github.com/tyranid/44con_2014
Workshop 10: Command Fuzzer https://www.github.com/tyranid/44con_2014
Wrap Up https://www.github.com/tyranid/44con_2014

Recomendados

Chapter 1 Security Framework
Chapter 1 Security FrameworkChapter 1 Security Framework
Chapter 1 Security FrameworkKarthikeyan Dhayalan
 
Data Center Proposal (System Network Administration)
Data Center Proposal (System Network Administration)Data Center Proposal (System Network Administration)
Data Center Proposal (System Network Administration)Muhammad Ahad
 
Building a Cyber Threat Intelligence Knowledge Management System (Paris Augus...
Building a Cyber Threat Intelligence Knowledge Management System (Paris Augus...Building a Cyber Threat Intelligence Knowledge Management System (Paris Augus...
Building a Cyber Threat Intelligence Knowledge Management System (Paris Augus...Vaticle
 
CISSP - Software Development Security
CISSP - Software Development SecurityCISSP - Software Development Security
CISSP - Software Development SecurityKarthikeyan Dhayalan
 
Database auditing models
Database auditing models Database auditing models
Database auditing models ERSHUBHAM TIWARI
 
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfMicrosoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfParishSummer
 
Threat Modeling workshop by Robert Hurlbut
Threat Modeling workshop by Robert HurlbutThreat Modeling workshop by Robert Hurlbut
Threat Modeling workshop by Robert HurlbutDevSecCon
 
Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)Maganathin Veeraragaloo
 

Recomendados

Chapter 1 Security Framework
Chapter 1 Security FrameworkChapter 1 Security Framework
Chapter 1 Security FrameworkKarthikeyan Dhayalan
 
Data Center Proposal (System Network Administration)
Data Center Proposal (System Network Administration)Data Center Proposal (System Network Administration)
Data Center Proposal (System Network Administration)Muhammad Ahad
 
Building a Cyber Threat Intelligence Knowledge Management System (Paris Augus...
Building a Cyber Threat Intelligence Knowledge Management System (Paris Augus...Building a Cyber Threat Intelligence Knowledge Management System (Paris Augus...
Building a Cyber Threat Intelligence Knowledge Management System (Paris Augus...Vaticle
 
CISSP - Software Development Security
CISSP - Software Development SecurityCISSP - Software Development Security
CISSP - Software Development SecurityKarthikeyan Dhayalan
 
Database auditing models
Database auditing models Database auditing models
Database auditing models ERSHUBHAM TIWARI
 
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfMicrosoft-CISO-Workshop-Security-Strategy-and-Program (1).pdf
Microsoft-CISO-Workshop-Security-Strategy-and-Program (1).pdfParishSummer
 
Threat Modeling workshop by Robert Hurlbut
Threat Modeling workshop by Robert HurlbutThreat Modeling workshop by Robert Hurlbut
Threat Modeling workshop by Robert HurlbutDevSecCon
 
Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)Maganathin Veeraragaloo
 
Enterprise Security Architecture Design
Enterprise Security Architecture DesignEnterprise Security Architecture Design
Enterprise Security Architecture DesignPriyanka Aash
 
Data Center Checklist for Infrastructure Best Practices (SlideShare)
Data Center Checklist for Infrastructure Best Practices (SlideShare)Data Center Checklist for Infrastructure Best Practices (SlideShare)
Data Center Checklist for Infrastructure Best Practices (SlideShare)SP Home Run Inc.
 
Cybersecurity Capability Maturity Model Self-Evaluation Report Jan 27 2023.pdf
Cybersecurity Capability Maturity Model Self-Evaluation Report Jan 27 2023.pdfCybersecurity Capability Maturity Model Self-Evaluation Report Jan 27 2023.pdf
Cybersecurity Capability Maturity Model Self-Evaluation Report Jan 27 2023.pdfssuser7b150d
 
Introduction to red team operations
Introduction to red team operationsIntroduction to red team operations
Introduction to red team operationsSunny Neo
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security PresentationSimplex
 
Cyber Security roadmap.pptx
Cyber Security roadmap.pptxCyber Security roadmap.pptx
Cyber Security roadmap.pptxSandeepK707540
 
CISSP 8 Domains.pdf
CISSP 8 Domains.pdfCISSP 8 Domains.pdf
CISSP 8 Domains.pdfdotco
 
Advice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityAdvice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityMighty Guides, Inc.
 
Cyber security career development paths
Cyber security career development pathsCyber security career development paths
Cyber security career development pathsChelsea Jarvie
 
Professional Services for Cyber Recovery .pptx
Professional Services for Cyber Recovery .pptxProfessional Services for Cyber Recovery .pptx
Professional Services for Cyber Recovery .pptxssusercc05cf
 
How MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsHow MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsSergey Soldatov
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security RoadmapElliott Franklin
 
NIST SP 800 30 Flow Chart
NIST SP 800 30 Flow ChartNIST SP 800 30 Flow Chart
NIST SP 800 30 Flow ChartJames W. De Rienzo
 
Low level design template (1)
Low level design template (1)Low level design template (1)
Low level design template (1)anosha jamshed
 
Super Easy Memory Forensics
Super Easy Memory ForensicsSuper Easy Memory Forensics
Super Easy Memory ForensicsIIJ
 
The top 10 windows logs event id's used v1.0
The top 10 windows logs event id's used v1.0The top 10 windows logs event id's used v1.0
The top 10 windows logs event id's used v1.0Michael Gough
 
CyberOps.pptx
CyberOps.pptxCyberOps.pptx
CyberOps.pptxAhmedRobaid1
 
Cyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsCyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsMark Arena
 
2021 五月 Veeam 多雲解決方案 (完整版本)
2021 五月 Veeam 多雲解決方案 (完整版本)2021 五月 Veeam 多雲解決方案 (完整版本)
2021 五月 Veeam 多雲解決方案 (完整版本)Wales Chen
 
期末專題說明
期末專題說明期末專題說明
期末專題說明Phate334
 
44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?44CON
 
Packer Genetics: The selfish code
Packer Genetics: The selfish codePacker Genetics: The selfish code
Packer Genetics: The selfish codejduart
 

Más contenido relacionado

La actualidad más candente

Enterprise Security Architecture Design
Enterprise Security Architecture DesignEnterprise Security Architecture Design
Enterprise Security Architecture DesignPriyanka Aash
 
Data Center Checklist for Infrastructure Best Practices (SlideShare)
Data Center Checklist for Infrastructure Best Practices (SlideShare)Data Center Checklist for Infrastructure Best Practices (SlideShare)
Data Center Checklist for Infrastructure Best Practices (SlideShare)SP Home Run Inc.
 
Cybersecurity Capability Maturity Model Self-Evaluation Report Jan 27 2023.pdf
Cybersecurity Capability Maturity Model Self-Evaluation Report Jan 27 2023.pdfCybersecurity Capability Maturity Model Self-Evaluation Report Jan 27 2023.pdf
Cybersecurity Capability Maturity Model Self-Evaluation Report Jan 27 2023.pdfssuser7b150d
 
Introduction to red team operations
Introduction to red team operationsIntroduction to red team operations
Introduction to red team operationsSunny Neo
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security PresentationSimplex
 
Cyber Security roadmap.pptx
Cyber Security roadmap.pptxCyber Security roadmap.pptx
Cyber Security roadmap.pptxSandeepK707540
 
CISSP 8 Domains.pdf
CISSP 8 Domains.pdfCISSP 8 Domains.pdf
CISSP 8 Domains.pdfdotco
 
Advice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityAdvice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityMighty Guides, Inc.
 
Cyber security career development paths
Cyber security career development pathsCyber security career development paths
Cyber security career development pathsChelsea Jarvie
 
Professional Services for Cyber Recovery .pptx
Professional Services for Cyber Recovery .pptxProfessional Services for Cyber Recovery .pptx
Professional Services for Cyber Recovery .pptxssusercc05cf
 
How MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsHow MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsSergey Soldatov
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security RoadmapElliott Franklin
 
Low level design template (1)
Low level design template (1)Low level design template (1)
Low level design template (1)anosha jamshed
 
Super Easy Memory Forensics
Super Easy Memory ForensicsSuper Easy Memory Forensics
Super Easy Memory ForensicsIIJ
 
The top 10 windows logs event id's used v1.0
The top 10 windows logs event id's used v1.0The top 10 windows logs event id's used v1.0
The top 10 windows logs event id's used v1.0Michael Gough
 
Cyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsCyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsMark Arena
 
2021 五月 Veeam 多雲解決方案 (完整版本)
2021 五月 Veeam 多雲解決方案 (完整版本)2021 五月 Veeam 多雲解決方案 (完整版本)
2021 五月 Veeam 多雲解決方案 (完整版本)Wales Chen
 
期末專題說明
期末專題說明期末專題說明
期末專題說明Phate334
 

La actualidad más candente (20)

Enterprise Security Architecture Design
Enterprise Security Architecture DesignEnterprise Security Architecture Design
Enterprise Security Architecture Design
 
Data Center Checklist for Infrastructure Best Practices (SlideShare)
Data Center Checklist for Infrastructure Best Practices (SlideShare)Data Center Checklist for Infrastructure Best Practices (SlideShare)
Data Center Checklist for Infrastructure Best Practices (SlideShare)
 
Cybersecurity Capability Maturity Model Self-Evaluation Report Jan 27 2023.pdf
Cybersecurity Capability Maturity Model Self-Evaluation Report Jan 27 2023.pdfCybersecurity Capability Maturity Model Self-Evaluation Report Jan 27 2023.pdf
Cybersecurity Capability Maturity Model Self-Evaluation Report Jan 27 2023.pdf
 
Introduction to red team operations
Introduction to red team operationsIntroduction to red team operations
Introduction to red team operations
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security Presentation
 
Cyber Security roadmap.pptx
Cyber Security roadmap.pptxCyber Security roadmap.pptx
Cyber Security roadmap.pptx
 
CISSP 8 Domains.pdf
CISSP 8 Domains.pdfCISSP 8 Domains.pdf
CISSP 8 Domains.pdf
 
Advice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityAdvice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT Cybersecurity
 
Cyber security career development paths
Cyber security career development pathsCyber security career development paths
Cyber security career development paths
 
Professional Services for Cyber Recovery .pptx
Professional Services for Cyber Recovery .pptxProfessional Services for Cyber Recovery .pptx
Professional Services for Cyber Recovery .pptx
 
How MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsHow MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operations
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security Roadmap
 
NIST SP 800 30 Flow Chart
NIST SP 800 30 Flow ChartNIST SP 800 30 Flow Chart
NIST SP 800 30 Flow Chart
 
Low level design template (1)
Low level design template (1)Low level design template (1)
Low level design template (1)
 
Super Easy Memory Forensics
Super Easy Memory ForensicsSuper Easy Memory Forensics
Super Easy Memory Forensics
 
The top 10 windows logs event id's used v1.0
The top 10 windows logs event id's used v1.0The top 10 windows logs event id's used v1.0
The top 10 windows logs event id's used v1.0
 
CyberOps.pptx
CyberOps.pptxCyberOps.pptx
CyberOps.pptx
 
Cyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsCyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metrics
 
2021 五月 Veeam 多雲解決方案 (完整版本)
2021 五月 Veeam 多雲解決方案 (完整版本)2021 五月 Veeam 多雲解決方案 (完整版本)
2021 五月 Veeam 多雲解決方案 (完整版本)
 
期末專題說明
期末專題說明期末專題說明
期末專題說明
 

Destacado

44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?44CON
 
Packer Genetics: The selfish code
Packer Genetics: The selfish codePacker Genetics: The selfish code
Packer Genetics: The selfish codejduart
 
44CON 2014 - Flushing Away Preconceptions of Risk, Thom Langford
44CON 2014 - Flushing Away Preconceptions of Risk, Thom Langford44CON 2014 - Flushing Away Preconceptions of Risk, Thom Langford
44CON 2014 - Flushing Away Preconceptions of Risk, Thom Langford44CON
 
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root44CON
 
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins44CON
 
44CON 2014 - Breaking AV Software
44CON 2014 - Breaking AV Software44CON 2014 - Breaking AV Software
44CON 2014 - Breaking AV Software44CON
 
44CON 2104 - Lessons Learned from Black Hat's Infrastructure, Conan Dooley
44CON 2104 - Lessons Learned from Black Hat's Infrastructure, Conan Dooley44CON 2104 - Lessons Learned from Black Hat's Infrastructure, Conan Dooley
44CON 2104 - Lessons Learned from Black Hat's Infrastructure, Conan Dooley44CON
 
44CON 2014 - Researching Android Device Security with the Help of a Droid Arm...
44CON 2014 - Researching Android Device Security with the Help of a Droid Arm...44CON 2014 - Researching Android Device Security with the Help of a Droid Arm...
44CON 2014 - Researching Android Device Security with the Help of a Droid Arm...44CON
 
44CON London 2015 - Hunting Asynchronous Vulnerabilities
44CON London 2015 - Hunting Asynchronous Vulnerabilities44CON London 2015 - Hunting Asynchronous Vulnerabilities
44CON London 2015 - Hunting Asynchronous Vulnerabilities44CON
 
44CON London 2015 - reverse reverse engineering
44CON London 2015 - reverse reverse engineering44CON London 2015 - reverse reverse engineering
44CON London 2015 - reverse reverse engineering44CON
 
44CON 2013 - .Net Havoc - Manipulating Properties of Dormant Server Side Web ...
44CON 2013 - .Net Havoc - Manipulating Properties of Dormant Server Side Web ...44CON 2013 - .Net Havoc - Manipulating Properties of Dormant Server Side Web ...
44CON 2013 - .Net Havoc - Manipulating Properties of Dormant Server Side Web ...44CON
 
44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...
44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...
44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...44CON
 
44CON 2014 - Switches Get Stitches, Eireann Leverett & Matt Erasmus
44CON 2014 - Switches Get Stitches, Eireann Leverett & Matt Erasmus44CON 2014 - Switches Get Stitches, Eireann Leverett & Matt Erasmus
44CON 2014 - Switches Get Stitches, Eireann Leverett & Matt Erasmus44CON
 
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal44CON
 
44CON 2014 - Advanced Excel Hacking, Didier Stevens
44CON 2014 - Advanced Excel Hacking, Didier Stevens44CON 2014 - Advanced Excel Hacking, Didier Stevens
44CON 2014 - Advanced Excel Hacking, Didier Stevens44CON
 
44CON London 2015 - Playing with Fire: Attacking the FireEye MPS
44CON London 2015 - Playing with Fire: Attacking the FireEye MPS44CON London 2015 - Playing with Fire: Attacking the FireEye MPS
44CON London 2015 - Playing with Fire: Attacking the FireEye MPS44CON
 
44CON 2014 - Simple Hardware Sidechannel Attacks for 10 GBP or Less, Joe Fitz...
44CON 2014 - Simple Hardware Sidechannel Attacks for 10 GBP or Less, Joe Fitz...44CON 2014 - Simple Hardware Sidechannel Attacks for 10 GBP or Less, Joe Fitz...
44CON 2014 - Simple Hardware Sidechannel Attacks for 10 GBP or Less, Joe Fitz...44CON
 
44CON 2014 - I gave a talk about robots and hardware!, Josh Thomas
44CON 2014 - I gave a talk about robots and hardware!, Josh Thomas44CON 2014 - I gave a talk about robots and hardware!, Josh Thomas
44CON 2014 - I gave a talk about robots and hardware!, Josh Thomas44CON
 
44CON 2014 - GreedyBTS: Hacking Adventures in GSM, Hacker Fantastic
44CON 2014 - GreedyBTS: Hacking Adventures in GSM, Hacker Fantastic44CON 2014 - GreedyBTS: Hacking Adventures in GSM, Hacker Fantastic
44CON 2014 - GreedyBTS: Hacking Adventures in GSM, Hacker Fantastic44CON
 

Destacado (20)

44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?
 
Packer Genetics: The selfish code
Packer Genetics: The selfish codePacker Genetics: The selfish code
Packer Genetics: The selfish code
 
ShaREing is Caring
ShaREing is CaringShaREing is Caring
ShaREing is Caring
 
44CON 2014 - Flushing Away Preconceptions of Risk, Thom Langford
44CON 2014 - Flushing Away Preconceptions of Risk, Thom Langford44CON 2014 - Flushing Away Preconceptions of Risk, Thom Langford
44CON 2014 - Flushing Away Preconceptions of Risk, Thom Langford
 
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root
 
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
 
44CON 2014 - Breaking AV Software
44CON 2014 - Breaking AV Software44CON 2014 - Breaking AV Software
44CON 2014 - Breaking AV Software
 
44CON 2104 - Lessons Learned from Black Hat's Infrastructure, Conan Dooley
44CON 2104 - Lessons Learned from Black Hat's Infrastructure, Conan Dooley44CON 2104 - Lessons Learned from Black Hat's Infrastructure, Conan Dooley
44CON 2104 - Lessons Learned from Black Hat's Infrastructure, Conan Dooley
 
44CON 2014 - Researching Android Device Security with the Help of a Droid Arm...
44CON 2014 - Researching Android Device Security with the Help of a Droid Arm...44CON 2014 - Researching Android Device Security with the Help of a Droid Arm...
44CON 2014 - Researching Android Device Security with the Help of a Droid Arm...
 
44CON London 2015 - Hunting Asynchronous Vulnerabilities
44CON London 2015 - Hunting Asynchronous Vulnerabilities44CON London 2015 - Hunting Asynchronous Vulnerabilities
44CON London 2015 - Hunting Asynchronous Vulnerabilities
 
44CON London 2015 - reverse reverse engineering
44CON London 2015 - reverse reverse engineering44CON London 2015 - reverse reverse engineering
44CON London 2015 - reverse reverse engineering
 
44CON 2013 - .Net Havoc - Manipulating Properties of Dormant Server Side Web ...
44CON 2013 - .Net Havoc - Manipulating Properties of Dormant Server Side Web ...44CON 2013 - .Net Havoc - Manipulating Properties of Dormant Server Side Web ...
44CON 2013 - .Net Havoc - Manipulating Properties of Dormant Server Side Web ...
 
44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...
44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...
44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...
 
44CON 2014 - Switches Get Stitches, Eireann Leverett & Matt Erasmus
44CON 2014 - Switches Get Stitches, Eireann Leverett & Matt Erasmus44CON 2014 - Switches Get Stitches, Eireann Leverett & Matt Erasmus
44CON 2014 - Switches Get Stitches, Eireann Leverett & Matt Erasmus
 
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal
 
44CON 2014 - Advanced Excel Hacking, Didier Stevens
44CON 2014 - Advanced Excel Hacking, Didier Stevens44CON 2014 - Advanced Excel Hacking, Didier Stevens
44CON 2014 - Advanced Excel Hacking, Didier Stevens
 
44CON London 2015 - Playing with Fire: Attacking the FireEye MPS
44CON London 2015 - Playing with Fire: Attacking the FireEye MPS44CON London 2015 - Playing with Fire: Attacking the FireEye MPS
44CON London 2015 - Playing with Fire: Attacking the FireEye MPS
 
44CON 2014 - Simple Hardware Sidechannel Attacks for 10 GBP or Less, Joe Fitz...
44CON 2014 - Simple Hardware Sidechannel Attacks for 10 GBP or Less, Joe Fitz...44CON 2014 - Simple Hardware Sidechannel Attacks for 10 GBP or Less, Joe Fitz...
44CON 2014 - Simple Hardware Sidechannel Attacks for 10 GBP or Less, Joe Fitz...
 
44CON 2014 - I gave a talk about robots and hardware!, Josh Thomas
44CON 2014 - I gave a talk about robots and hardware!, Josh Thomas44CON 2014 - I gave a talk about robots and hardware!, Josh Thomas
44CON 2014 - I gave a talk about robots and hardware!, Josh Thomas
 
44CON 2014 - GreedyBTS: Hacking Adventures in GSM, Hacker Fantastic
44CON 2014 - GreedyBTS: Hacking Adventures in GSM, Hacker Fantastic44CON 2014 - GreedyBTS: Hacking Adventures in GSM, Hacker Fantastic
44CON 2014 - GreedyBTS: Hacking Adventures in GSM, Hacker Fantastic
 

Similar a 44CON 2014 - Binary Protocol Analysis with CANAPE, James Forshaw

ClickHouse Paris Meetup. Pragma Analytics Software Suite w/ClickHouse, by Mat...
ClickHouse Paris Meetup. Pragma Analytics Software Suite w/ClickHouse, by Mat...ClickHouse Paris Meetup. Pragma Analytics Software Suite w/ClickHouse, by Mat...
ClickHouse Paris Meetup. Pragma Analytics Software Suite w/ClickHouse, by Mat...Altinity Ltd
 
Xamarin Form using ASP.NET Core SignalR client
Xamarin Form using ASP.NET Core SignalR clientXamarin Form using ASP.NET Core SignalR client
Xamarin Form using ASP.NET Core SignalR clientChen Yu Pao
 
from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?strikr .
 
OFI libfabric Tutorial
OFI libfabric TutorialOFI libfabric Tutorial
OFI libfabric Tutorialdgoodell
 
Staying Close to Experts with Executable Specifications
Staying Close to Experts with Executable SpecificationsStaying Close to Experts with Executable Specifications
Staying Close to Experts with Executable SpecificationsVagif Abilov
 
P4_tutorial.pdf
P4_tutorial.pdfP4_tutorial.pdf
P4_tutorial.pdfPramodhN3
 
Cloud native IPC for Microservices Workshop @ Containerdays 2022
Cloud native IPC for Microservices Workshop @ Containerdays 2022Cloud native IPC for Microservices Workshop @ Containerdays 2022
Cloud native IPC for Microservices Workshop @ Containerdays 2022QAware GmbH
 
Monitoring federation open stack infrastructure
Monitoring federation open stack infrastructureMonitoring federation open stack infrastructure
Monitoring federation open stack infrastructureFernando Lopez Aguilar
 
Wireshark 101 - OWASP Chandigarh Meetup - CyberForge Academy
Wireshark 101 - OWASP Chandigarh Meetup - CyberForge AcademyWireshark 101 - OWASP Chandigarh Meetup - CyberForge Academy
Wireshark 101 - OWASP Chandigarh Meetup - CyberForge Academycyberforgeacademy
 
PNDA - Platform for Network Data Analytics
PNDA - Platform for Network Data AnalyticsPNDA - Platform for Network Data Analytics
PNDA - Platform for Network Data AnalyticsJohn Evans
 
Logs aggregation and analysis
Logs aggregation and analysisLogs aggregation and analysis
Logs aggregation and analysisDivante
 
Being Ready for Apache Kafka - Apache: Big Data Europe 2015
Being Ready for Apache Kafka - Apache: Big Data Europe 2015Being Ready for Apache Kafka - Apache: Big Data Europe 2015
Being Ready for Apache Kafka - Apache: Big Data Europe 2015Michael Noll
 
Realtime traffic analyser
Realtime traffic analyserRealtime traffic analyser
Realtime traffic analyserAlex Moskvin
 
Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017Cheng-Chun William Tu
 
Building high performance microservices in finance with Apache Thrift
Building high performance microservices in finance with Apache ThriftBuilding high performance microservices in finance with Apache Thrift
Building high performance microservices in finance with Apache ThriftRX-M Enterprises LLC
 
Quick look in Reactive Extensions
Quick look in Reactive ExtensionsQuick look in Reactive Extensions
Quick look in Reactive Extensionsjohnlvidal
 
Fuzzing Janus @ IPTComm 2019
Fuzzing Janus @ IPTComm 2019Fuzzing Janus @ IPTComm 2019
Fuzzing Janus @ IPTComm 2019Lorenzo Miniero
 
Devfest uk & ireland using apache nifi with apache pulsar for fast data on-r...
Devfest uk & ireland using apache nifi with apache pulsar for fast data on-r...Devfest uk & ireland using apache nifi with apache pulsar for fast data on-r...
Devfest uk & ireland using apache nifi with apache pulsar for fast data on-r...Timothy Spann
 
Infrastructure as Code Presentation v5.pptx
Infrastructure as Code Presentation v5.pptxInfrastructure as Code Presentation v5.pptx
Infrastructure as Code Presentation v5.pptxYASHSRIVASTAVA811639
 

Similar a 44CON 2014 - Binary Protocol Analysis with CANAPE, James Forshaw (20)

ClickHouse Paris Meetup. Pragma Analytics Software Suite w/ClickHouse, by Mat...
ClickHouse Paris Meetup. Pragma Analytics Software Suite w/ClickHouse, by Mat...ClickHouse Paris Meetup. Pragma Analytics Software Suite w/ClickHouse, by Mat...
ClickHouse Paris Meetup. Pragma Analytics Software Suite w/ClickHouse, by Mat...
 
Xamarin Form using ASP.NET Core SignalR client
Xamarin Form using ASP.NET Core SignalR clientXamarin Form using ASP.NET Core SignalR client
Xamarin Form using ASP.NET Core SignalR client
 
from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?from Docker to Moby and back. what changed ?
from Docker to Moby and back. what changed ?
 
OFI libfabric Tutorial
OFI libfabric TutorialOFI libfabric Tutorial
OFI libfabric Tutorial
 
Staying Close to Experts with Executable Specifications
Staying Close to Experts with Executable SpecificationsStaying Close to Experts with Executable Specifications
Staying Close to Experts with Executable Specifications
 
P4_tutorial.pdf
P4_tutorial.pdfP4_tutorial.pdf
P4_tutorial.pdf
 
Cloud native IPC for Microservices Workshop @ Containerdays 2022
Cloud native IPC for Microservices Workshop @ Containerdays 2022Cloud native IPC for Microservices Workshop @ Containerdays 2022
Cloud native IPC for Microservices Workshop @ Containerdays 2022
 
Monitoring federation open stack infrastructure
Monitoring federation open stack infrastructureMonitoring federation open stack infrastructure
Monitoring federation open stack infrastructure
 
Monitoring your API
Monitoring your APIMonitoring your API
Monitoring your API
 
Wireshark 101 - OWASP Chandigarh Meetup - CyberForge Academy
Wireshark 101 - OWASP Chandigarh Meetup - CyberForge AcademyWireshark 101 - OWASP Chandigarh Meetup - CyberForge Academy
Wireshark 101 - OWASP Chandigarh Meetup - CyberForge Academy
 
PNDA - Platform for Network Data Analytics
PNDA - Platform for Network Data AnalyticsPNDA - Platform for Network Data Analytics
PNDA - Platform for Network Data Analytics
 
Logs aggregation and analysis
Logs aggregation and analysisLogs aggregation and analysis
Logs aggregation and analysis
 
Being Ready for Apache Kafka - Apache: Big Data Europe 2015
Being Ready for Apache Kafka - Apache: Big Data Europe 2015Being Ready for Apache Kafka - Apache: Big Data Europe 2015
Being Ready for Apache Kafka - Apache: Big Data Europe 2015
 
Realtime traffic analyser
Realtime traffic analyserRealtime traffic analyser
Realtime traffic analyser
 
Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017
 
Building high performance microservices in finance with Apache Thrift
Building high performance microservices in finance with Apache ThriftBuilding high performance microservices in finance with Apache Thrift
Building high performance microservices in finance with Apache Thrift
 
Quick look in Reactive Extensions
Quick look in Reactive ExtensionsQuick look in Reactive Extensions
Quick look in Reactive Extensions
 
Fuzzing Janus @ IPTComm 2019
Fuzzing Janus @ IPTComm 2019Fuzzing Janus @ IPTComm 2019
Fuzzing Janus @ IPTComm 2019
 
Devfest uk & ireland using apache nifi with apache pulsar for fast data on-r...
Devfest uk & ireland using apache nifi with apache pulsar for fast data on-r...Devfest uk & ireland using apache nifi with apache pulsar for fast data on-r...
Devfest uk & ireland using apache nifi with apache pulsar for fast data on-r...
 
Infrastructure as Code Presentation v5.pptx
Infrastructure as Code Presentation v5.pptxInfrastructure as Code Presentation v5.pptx
Infrastructure as Code Presentation v5.pptx
 

Más de 44CON

They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo...
They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo...They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo...
They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo...44CON
 
How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus S...
How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus S...How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus S...
How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus S...44CON
 
Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO...
Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO...Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO...
Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO...44CON
 
JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and...
JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and...JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and...
JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and...44CON
 
Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...
Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...
Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...44CON
 
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...44CON
 
Weak analogies make poor realities – are we sitting on a Security Debt Crisis...
Weak analogies make poor realities – are we sitting on a Security Debt Crisis...Weak analogies make poor realities – are we sitting on a Security Debt Crisis...
Weak analogies make poor realities – are we sitting on a Security Debt Crisis...44CON
 
Pwning the 44CON Nerf Tank
Pwning the 44CON Nerf TankPwning the 44CON Nerf Tank
Pwning the 44CON Nerf Tank44CON
 
Security module for php7 – Killing bugclasses and virtual-patching the rest! ...
Security module for php7 – Killing bugclasses and virtual-patching the rest! ...Security module for php7 – Killing bugclasses and virtual-patching the rest! ...
Security module for php7 – Killing bugclasses and virtual-patching the rest! ...44CON
 
44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images
44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images
44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images44CON
 
44CON London 2015 - Is there an EFI monster inside your apple?
44CON London 2015 - Is there an EFI monster inside your apple?44CON London 2015 - Is there an EFI monster inside your apple?
44CON London 2015 - Is there an EFI monster inside your apple?44CON
 
44CON London 2015 - Indicators of Compromise: From malware analysis to eradic...
44CON London 2015 - Indicators of Compromise: From malware analysis to eradic...44CON London 2015 - Indicators of Compromise: From malware analysis to eradic...
44CON London 2015 - Indicators of Compromise: From malware analysis to eradic...44CON
 
44CON London 2015 - How to drive a malware analyst crazy
44CON London 2015 - How to drive a malware analyst crazy44CON London 2015 - How to drive a malware analyst crazy
44CON London 2015 - How to drive a malware analyst crazy44CON
 
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis44CON
 
44CON London 2015 - Going AUTH the Rails on a Crazy Train
44CON London 2015 - Going AUTH the Rails on a Crazy Train44CON London 2015 - Going AUTH the Rails on a Crazy Train
44CON London 2015 - Going AUTH the Rails on a Crazy Train44CON
 
44CON London 2015 - Software Defined Networking (SDN) Security
44CON London 2015 - Software Defined Networking (SDN) Security44CON London 2015 - Software Defined Networking (SDN) Security
44CON London 2015 - Software Defined Networking (SDN) Security44CON
 
44CON London 2015 - DDoS mitigation EPIC FAIL collection
44CON London 2015 - DDoS mitigation EPIC FAIL collection44CON London 2015 - DDoS mitigation EPIC FAIL collection
44CON London 2015 - DDoS mitigation EPIC FAIL collection44CON
 
44CON London 2015 - Windows 10: 2 Steps Forward, 1 Step Back
44CON London 2015 - Windows 10: 2 Steps Forward, 1 Step Back44CON London 2015 - Windows 10: 2 Steps Forward, 1 Step Back
44CON London 2015 - Windows 10: 2 Steps Forward, 1 Step Back44CON
 
44CON London 2015 - Old Dog, New Tricks: Forensics With PowerShell
44CON London 2015 - Old Dog, New Tricks: Forensics With PowerShell44CON London 2015 - Old Dog, New Tricks: Forensics With PowerShell
44CON London 2015 - Old Dog, New Tricks: Forensics With PowerShell44CON
 
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...44CON
 

Más de 44CON (20)

They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo...
They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo...They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo...
They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo...
 
How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus S...
How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus S...How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus S...
How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus S...
 
Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO...
Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO...Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO...
Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO...
 
JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and...
JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and...JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and...
JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and...
 
Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...
Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...
Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...
 
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
 
Weak analogies make poor realities – are we sitting on a Security Debt Crisis...
Weak analogies make poor realities – are we sitting on a Security Debt Crisis...Weak analogies make poor realities – are we sitting on a Security Debt Crisis...
Weak analogies make poor realities – are we sitting on a Security Debt Crisis...
 
Pwning the 44CON Nerf Tank
Pwning the 44CON Nerf TankPwning the 44CON Nerf Tank
Pwning the 44CON Nerf Tank
 
Security module for php7 – Killing bugclasses and virtual-patching the rest! ...
Security module for php7 – Killing bugclasses and virtual-patching the rest! ...Security module for php7 – Killing bugclasses and virtual-patching the rest! ...
Security module for php7 – Killing bugclasses and virtual-patching the rest! ...
 
44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images
44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images
44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images
 
44CON London 2015 - Is there an EFI monster inside your apple?
44CON London 2015 - Is there an EFI monster inside your apple?44CON London 2015 - Is there an EFI monster inside your apple?
44CON London 2015 - Is there an EFI monster inside your apple?
 
44CON London 2015 - Indicators of Compromise: From malware analysis to eradic...
44CON London 2015 - Indicators of Compromise: From malware analysis to eradic...44CON London 2015 - Indicators of Compromise: From malware analysis to eradic...
44CON London 2015 - Indicators of Compromise: From malware analysis to eradic...
 
44CON London 2015 - How to drive a malware analyst crazy
44CON London 2015 - How to drive a malware analyst crazy44CON London 2015 - How to drive a malware analyst crazy
44CON London 2015 - How to drive a malware analyst crazy
 
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
 
44CON London 2015 - Going AUTH the Rails on a Crazy Train
44CON London 2015 - Going AUTH the Rails on a Crazy Train44CON London 2015 - Going AUTH the Rails on a Crazy Train
44CON London 2015 - Going AUTH the Rails on a Crazy Train
 
44CON London 2015 - Software Defined Networking (SDN) Security
44CON London 2015 - Software Defined Networking (SDN) Security44CON London 2015 - Software Defined Networking (SDN) Security
44CON London 2015 - Software Defined Networking (SDN) Security
 
44CON London 2015 - DDoS mitigation EPIC FAIL collection
44CON London 2015 - DDoS mitigation EPIC FAIL collection44CON London 2015 - DDoS mitigation EPIC FAIL collection
44CON London 2015 - DDoS mitigation EPIC FAIL collection
 
44CON London 2015 - Windows 10: 2 Steps Forward, 1 Step Back
44CON London 2015 - Windows 10: 2 Steps Forward, 1 Step Back44CON London 2015 - Windows 10: 2 Steps Forward, 1 Step Back
44CON London 2015 - Windows 10: 2 Steps Forward, 1 Step Back
 
44CON London 2015 - Old Dog, New Tricks: Forensics With PowerShell
44CON London 2015 - Old Dog, New Tricks: Forensics With PowerShell44CON London 2015 - Old Dog, New Tricks: Forensics With PowerShell
44CON London 2015 - Old Dog, New Tricks: Forensics With PowerShell
 
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...
 

Último

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusZilliz
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 

Último (20)

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 

44CON 2014 - Binary Protocol Analysis with CANAPE, James Forshaw

  • 1. Binary Protocol Analysis with CANAPE James Forshaw
  • 2. Schedule 1.What is CANAPE? 2.Say Hello to SuperFunkyChat 3.Proxying and Capturing Traffic 4.NetGraphs 5.Modelling State Transitions 6.Removing SSL/Layers 7.Traffic Manipulation and Replay 8.Developing Network Clients 9.Wrap Up https://www.github.com/tyranid/44con_2014
  • 3. Playing Along at Home •Pre-built binaries available at: •https://www.github.com/tyranid/44con_2014 •Example projects and slides will come later ASK QUESTIONS https://www.github.com/tyranid/44con_2014
  • 4. What is CANAPE? •Arbitrary Network Protocol Capture Tool •Specifically designed for Binary Protocols •Windows focused (some Mono support) •Open source, GPLv3, written in C# •https://www.github.com/ctxis/canape https://www.github.com/tyranid/44con_2014
  • 5. What Makes CANAPE Different? •Number of tools to generate or fuzz network traffic •Scapy, Peach, Sulleyetc. •Takes Web Application Testing Paradigm and applies to arbitrary protocols •GUI •Easy packet manipulation •Quick feedback https://www.github.com/tyranid/44con_2014
  • 6. Workshop 0: Quick Tour of CANAPE https://www.github.com/tyranid/44con_2014
  • 7. Say Hello to Super Funky Chat!!11! https://www.github.com/tyranid/44con_2014
  • 8. SuperFunkyChat •Simple Windows IM Application •Written originally as a CTF and CANAPE tutorial •Uses a binary protocol •Supports SOCKS •Has a few “Undocumented” features •Sourcecodeavailable at https://www.github.com/tyranid/SuperFunkyChat •Don’t use as a real IM system  https://www.github.com/tyranid/44con_2014
  • 9. Workshop 1: Quick Tour of SuperFunkyChat https://www.github.com/tyranid/44con_2014
  • 10. Proxying and Capturing Traffic •CANAPE Supports Many Ways of Proxying Traffic: •TCP/UDP Port Forwarding •SOCKS v4/v5 Proxy •HTTP Forward and Reverse Proxies •Can develop your own extensions to support other types of networks (NamedPipes, COM ports) •Also supports Servers and Clients https://www.github.com/tyranid/44con_2014
  • 11. Identifying Suitable Traffic •Need to work out what traffic to capture •Reverse Engineering •Wireshark/PCAP https://www.github.com/tyranid/44con_2014
  • 12. Forcing Traffic Through CANAPE •CANAPE works at Application Level (TCP/UDP) not network •Traffic from Application needs to go through CANAPE •Proxy support •DNS redirecting •DNAT •SOCKSifyingtools (Proxifierfor example) https://www.github.com/tyranid/44con_2014
  • 13. Services •CANAPE insolates your project into a set of services. •You define a template for your service: •Data flow •State model •Dynamic content •When a new connection is made an Instance is instantiated based on the template https://www.github.com/tyranid/44con_2014
  • 14. Workshop 2: Capturing SuperFunkyChat https://www.github.com/tyranid/44con_2014
  • 16. NetGraphs •NetGraphsused to mode data flow and state •Specified as a directed graph •Standard graph nodes available •Can implement custom nodes in C#/IronPython https://www.github.com/tyranid/44con_2014
  • 17. Specifying a NetGraph Select Default Graph https://www.github.com/tyranid/44con_2014
  • 18. Netgraphin Service Context Client Application Server Application https://www.github.com/tyranid/44con_2014
  • 19. Some Standard Nodes Name Description LogNode Logspackets as they traverse the node Decision Node Performs an IF condition on packets Switch Node Selecton output based on state Edit Node Displaysa dialog to allow manual packet editing Dynamic Node Scripted content Layer Section Graphcontainer and layer processing https://www.github.com/tyranid/44con_2014
  • 20. Graph User Interface •Create a new graph by right clicking project explorer •Left Click to Select and Drag Nodes •Right Click to Add Nodes •Hold and Drag Middle Button to Add Edges •Can also hold left Control and use Left button •Nodes can be disabled from right click menu https://www.github.com/tyranid/44con_2014
  • 22. Node Filters •Each node has a Filters property •Defines match rules for what packets the node will process https://www.github.com/tyranid/44con_2014
  • 23. Workshop 3: Playing with Netgraphs https://www.github.com/tyranid/44con_2014
  • 25. Packet Logging •Only packets which traverse a log node in a graph end up being logged (well unless you do it manually) •Affected by node filters •Can specify a number of properties: •Colour •Logged Name https://www.github.com/tyranid/44con_2014
  • 26. Workshop 4: Packet Logging Interface https://www.github.com/tyranid/44con_2014
  • 27. Packet Tools •Analysis of traffic means looking at binary data •Many different tasks: •Comparing packets and sequences of packets •Importing and exporting data •Searching https://www.github.com/tyranid/44con_2014
  • 28. Workshop 5: Packet Tools https://www.github.com/tyranid/44con_2014
  • 29. Parsing Traffic •CANAPE’s data pipeline can be scripted using C# or Python •Not necessarily easy thing to do •Parser editor to the rescue https://www.github.com/tyranid/44con_2014
  • 31. Parser Editor •Build protocol structure in GUI •Defines 3 types: •Sequences •Enumerations •Parsers •Supports complex expressions, TLV, sub-sequences etc. •Compiles to C# parser script, can be exported and tweaked https://www.github.com/tyranid/44con_2014
  • 32. Parsed Packet Format Root Key (/) Key A Value Y Key B Value X SelectionPath= /A/Y •Nodes and filtessupport a Selection Path •Uses an XPATH syntax to determine selection https://www.github.com/tyranid/44con_2014
  • 33. SuperFunkyChatPacket Structure Length (4 bytes) Checksum (4 bytes) Data (Length bytes) Command (1 byte) Command Specific Data (Length-1 bytes) https://www.github.com/tyranid/44con_2014
  • 34. Workshop 6: Parser Development https://www.github.com/tyranid/44con_2014
  • 35. Removing TLS/Layers •One of the most common security protocols is TLS/SSL •CANAPE doesn’t assume it knows better than you whether a connection is TLS or not •Can wrap and decrypt entire connection https://www.github.com/tyranid/44con_2014
  • 36. Workshop 7: Remove TLS Encryption https://www.github.com/tyranid/44con_2014
  • 38. State Modelling •Most protocols aren’t simple streams of data •Need to deal with State •Main way of handling this in CANAPE is through the netgraphs •Also simpler interface using state graphs https://www.github.com/tyranid/44con_2014
  • 39. Meta Data Storage Service 1 Instance Local Meta Service 1 Instance Global Meta Local Meta Service 2 Instance Local Meta Project Meta https://www.github.com/tyranid/44con_2014
  • 40. Accessing Meta Data Storage •Local (Graph.Meta) •Global (Graph.GlobalMeta) •Project (CANAPEProject.CurrentProject.GlobalMeta) •Layers (this.Meta/this.GlobalMeta) https://www.github.com/tyranid/44con_2014
  • 41. MetaSelection •Already seen XPATH SelectionPath •Filters can also select on MetaData •Examples: •#MetaName–Select the local meta value •$MetaName–Select the global meta value https://www.github.com/tyranid/44con_2014
  • 42. Workshop 8: Developing XOR Decryption https://www.github.com/tyranid/44con_2014
  • 43. Traffic Manipulation and Replay https://www.github.com/tyranid/44con_2014
  • 44. Dealing with Checksums •Up to now we’ve only looked at packets, never changed and replayed them •Something prevents us doing this, the checksum •Could write a script to fix up checksum after modification •Parser editor also gives some basic functions to do this for us https://www.github.com/tyranid/44con_2014
  • 45. Expressions •Parser editor supports a python-like syntax expression evaluator •Combine with calculated values to recalculate checksum •Can even use python snippets: DoChecksum.RunMe(Command, bytes(Payload)) https://www.github.com/tyranid/44con_2014
  • 46. Workshop 9: Packet Replay and Injection https://www.github.com/tyranid/44con_2014
  • 47. Developing Network Clients https://www.github.com/tyranid/44con_2014
  • 48. Network Clients •CANAPE supports developing network clients •Designed to allow reuse of work developed through MitM(graphs/scripts) to be reused with the minimal of effort •Can be used for fuzzing or other automated tasks. https://www.github.com/tyranid/44con_2014
  • 49. Workshop 10: Command Fuzzer https://www.github.com/tyranid/44con_2014