Building a Web Attacker Dashboard with ModSecurity and BeEF

Presented at AppSec USA 2012, Oct. 25, 2012, 11 a.m. (45 minutes)

The Browser Exploit Framework (BeEF) Project is extremely popular with application pentesters as it is a powerful tool for demonstrating the impacts of leveraging XSS vulnerabilities to achieve wider compromise into an organization. What if, however, we flipped the BeEF use-case around and instead put it in the hands of web application defenders? By using the open source ModSecurity WAF, we can dynamically hook web attackers with BeEF and monitor their activities and initiate various counter-meseasures.

Presenters:

• Ryan Barnett - Lead Security Researcher - Trustwave SpiderLabs
  Ryan C. Barnett is renowned in the web application security industry for his unique expertise. After a decade of experience defending government and commercial websites, Ryan joined Trustwave SpiderLabs Research Team. He specializes in application defense research and leads the open source ModSecurity web application firewall project. In addition to his commercial work at Trustwave, Ryan is also an active contributor to many community-based security projects. He serves as the Open Web Application Security Project (OWASP) ModSecurity Core Rule Set project leader and contributor on the OWASP Top Ten and AppSensor projects. He is a Web Application Security Consortium Board Member and leads the Web Hacking Incident Database and the Distributed Web Honeypot projects. At the SANS Institute, he is a certified instructor and contributor on the Top 20 Vulnerabilities and CWE/SANS Top 25 Most Dangerous Programming Errors projects. Ryan is regularly consulted by news outlets who are seeking his insights and analysis on emerging web application attacks, trends and defensive techniques. Ryan is a frequent speaker and trainer at key industry events including Blackhat, SANS AppSec Summit and OWASP AppSecUSA. Ryan has authored two web security books with titles such as: "Preventing Web Attacks with Apache" from Pearson Publishing and the forthcoming "Web Application Defender's Cookbook: Battling Hackers and Protecting Users" from Wiley Brothers Publishing.

Links:

• https://appsecusa2012.sched.com/event/150mCWg/building-a-web-attacker-dashboard-with-modsecurity-and-beef
• https://infocon.org/cons/OWASP/AppSecUSA 2012/Building a Web Attacker Dashboard with ModSecurity and BeEF.mp4

Similar Presentations:

• Kiwicon 8: It's always 1989 in Computer Security (2014) / BeEF for Vegetarians (Hooked Browser Meshed-Networks with WebRTC)
• AppSec USA 2012 / Exploiting Internal Network Vulns via the Browser using BeEF Bind
• Black Hat USA 2012 / Hookin' Ain't Easy: BeEF Injection with MITM