httpscreenshot - A Tool for Both Teams

Presented at ShmooCon XI (2015)

httpscreenshot is a tool developed internally over the past year and a half. It has become one of our go-to tools for the reconnaissance phase of every penetration test. The tool itself takes a list of addresses, domains, and URLs, visits each in a browser, parses SSL certificates to add new hosts, and captures a screenshot and the HTML of the browser instance. Similar tools exist, but none met our needs with regard to speed (threaded), features (JavaScript support, SSL auto-detection and certificate scraping), and reliability.

The cluster portion of the tool will go through and group "similar" websites together, where "similar" is determined by a fuzzy matching metric.

This tool can be used by both blue and red teams. The blue teams can use this tool to quickly create an inventory of applications and devices they have running in their environments. This inventory will allow them to quickly see if there is anything running in their environment that they may not know about, which should be secured or, in many cases, removed.

The red teams can use this tool to quickly create the same inventory as part of our reconnaissance, which is often very effective in identifying potential target assets.


Presenters:

  • Justin Kennedy
    Justin has been a security hobbyist since the early 2000s. He's held positions on both blue and red teams in the information security industry since 2008. Justin currently leads an Offensive Security team and spends his down time participating in bug bounties.
  • Steve Breen
    Steve is a former software developer turned pentester who has a knack for making software do things it was never intended to do. Steve is a senior security consultant on the Offensive Security team and spends his down time on research projects and development. He also presented his research on vulnerabilities in MDM solutions at BH USA 2014.
