Back To Schedule
Wednesday, November 20 • 4:00pm - 4:50pm
Forensic Investigations of Web Explotations

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Video of session:

Investigation of hacking incidents often requires combine effort of different technologies. Evidence and forensics artifacts are often found in various forms and formats. Network Forensics is one of the components in the process of finding compromised hosts, capturing and reconstructing malicious sessions. Attacks on web vulnerabilities can be replayed and transmitted data uncovered. This session will cover open source tools used for investigation of web compromised hosts and network forensics. Variety of tools can produce quite significant supplement to electronic evidence, and in many cases also capture the malicious executables transmitted in the traffic, or ex-filtrated data. Various network protocols and their structure will be presented. Open source Network forensic tools will be used on the traffic captured from a hacked web server. Different tools will be introduced for specific tasks in the investigation process. Captured traffic will be analyzed and reconstructed, and various artifacts found in the investigation will be discussed.

avatar for LIFARS LLC


Ondrej Krehel is principal and founder of LIFARS LLC, an international cyber security and digital forensics firm. He’s the former Chief Information Security Officer of Identity Theft 911, the nation’s premier identity theft recovery and data breach management service. He previously... Read More →

Wednesday November 20, 2013 4:00pm - 4:50pm EST
Salon 1 (5th Floor Ballroom) NY Marriott Marquis

Attendees (0)