Fireshark - A tool to Link the Malicious Web

Type: Slides
Tags: malware, malware analysis
Authors: Stephan Chenette
Event: Black Hat EU 2010
Indexed on: Mar 26, 2013
URL: https://media.blackhat.com/bh-eu-10/presentations/Chenette/Blackhat-EU-2010-Chenette-Fireshark-slides.pdf
File name: Blackhat-EU-2010-Chenette-Fireshark-slides.pdf
File size: 10.1 MB
MD5: 851e7dcd3b1870f17654662993fd7e29
SHA1: b3a9f0931d392377bd2f3c46d2ba5d9f0ee23ab7

Thousands of legitimate web sites serve malicious content to millions of visitors each and every day. Trying to piece all the research together to confirm any similarities between possible common group patterns within these websites, such as redirectors that belong to the same IP, IP range, or ASN, and reconstructing the final deobfuscated code can be time-consuming and sometimes impossible given many of the freely available tools. I will present a web security research project called FireShark that is capable of visiting large collections of websites at a time, executing, storing and analyzing the content, and from it identifying hundreds of malicious ecosystems of which the data, such as the normalized, deobfuscated content within them, can easily be analyzed.
