Presented at ekoparty 14 (2018)
Sept. 26, 2018, 1:50 p.m.
We will start this workshop by showing Scapy library basic functioning, handling topics such as the creation and capturing of network packets. Then, it will be shown how to discover what devices are active in the network, through the ARP protocol.
Once finished, we will submerge in the Man In The Middle (MITM) concept, and specifically, in the MITM through de ARP Spoofing. Explaining step by step how to do it with Scapy.
Finally, we will show how to capture HTTP traffic and how to modify it instantly, so as to shoot different attack types, such as injection of malicious payloads.
HTTP traffic adjustment
Javier J. Vallejos Martínez
Securetia Co-founder. He has a degree in Informatics, a specialization in Informatics security. Professor of subjects related to cybersecurity in undergraduate degrees, college degrees and post-graduate courses. He also works as informatics surveyor at the Poder Judicial de la Nación.
Fabian Martinez Portantier
Securetia Co-founder. He owns vast experience both in the TICs field as well as in the Information Security one. Fan of Python and Linux. He has developed Habu: Python Network hacking Toolkit, AsyDNS: Asymetric DNS, among other tools. He wrote a book about informatics security and is coordinator in an informatics security course.