Live Dissection: Anatomy of a Browser Based Botnet

Presented at BSidesSF 2017, Feb. 12, 2017, 2:50 p.m. (30 minutes)

Browser based botnets are used for various types of attacks; from application DDoS to credentials stuffing. In this session I'll demo, share my research results, and explain the anatomy of a browser-based botnet comprising browser caching, proxy servers and the web proxy autodiscovery protocol (WPAD). I'll also explain what users and organizations can do to protect themselves from being pwned.


Presenters:

  • Ilya Nesterov - Shape Security
    Ilya Nesterov is currently an engineering manager at Shape Security. Prior to Shape, Ilya worked at F5 Networks, and earned his master's degree from Tomsk Polytechnic University. His interests include, but are not limited to, modern Web Application security threats and countermeasures, botnets, malware infrastructure, exploits and honeypot development. Ilya also works as an independent security researcher and is a speaker on security topics.

Links:

Similar Presentations: