In this talk, we'll take a PCAP file containing traffic from an exploit kit infection and then will try to analyse the traffic and see how the victim was exploited. This will be mostly a hands-on session. The tools that we'll mainly use are Wireshark and CapTipper. Attendees can come with these tools installed if they want to follow along. Additionally, we might also use Security Onion distro.
Starts at Saturday May 07 2016, 10:45 AM. The sessions runs for 40 minutes.