1. InfoconDB
  2. Black Hat
  3. Black Hat USA 2013
  4. Network Forensics: Sudden Death Workshop

Network Forensics: Sudden Death Workshop

Presented at Black Hat USA 2013, Aug. 1, 2013, 2:15 p.m. (60 minutes)

Test your Network Forensics-fu in this deadly workshop. Participants will receive a brand new release of the Network Forensics workstation and packet captures containing VoIP, streaming video, IRC traffic, proprietary protocols, TLS-encrypted traffic, Android application traffic, and more.

Wireshark won't save you in this battle royale! Competitors will have to: Reverse engineer a proprietary protocol to uncover a secret document Manually extract a streaming video from a VLC session Carve a telephone call out of SIP traffic Crack TLS-encrypted Facebook traffic from a mobile phone session to capture the suspect's location Beat every other network forensic expert to the solution The fastest network forensics expert wins! Rounds are timed, and the first person to solve each round wins a prize. Solutions will be reviewed during the workshop. You get to keep the evidence and Network Forensic workstation image.


Presenters:

  • Jonathan Neff
    Jonathan Neff is a senior system administrator and security consultant with over fifteen years of experience managing information technology infrastructures. Jonathan has designed IT solutions for businesses with high-availability requirements, government organizations, health care institutions, and scientific research groups. He has extensive experience responding to computer security incidents and developing security solutions. Jonathan is a founder of the Montana High Tech Crime Investigation Association.
  • Scott Fretheim
    Scott Fretheim is an experienced web application penetration tester and risk assessment consultant. He advises clients regarding risk management and risk analysis, and enjoys conducting security training seminars. Scott is a primary author of several network forensics contests, including the "L33t Pill" series which was first released at DEFCON 2011. Scott is a GIAC Certified Web Application Penetration Tester (GWAPT) and holds his B.S. in Management of Information Systems.

Links:

Similar Presentations: