Ad networks are everywhere. They are annoying, intrusive, and every couple of months one of them gets compromised and does nasty things to visitors. But how bad is it in practice? This talk will present an open source tool aiming to help an analyst or an internal auditor figure out what is going on on a specific website.
We talk about going to webpages. But really, webpages come to us, and increasingly dozens of companies at a time do complicated and invisible things on our computers with every site we "visit". This has gotten so obfuscated that popular websites using ad technology, plug-ins, and tools from various vendors are often as ignorant of what they're serving as their users are of what they're receiving. This has resulted in rampant privacy violations, broken features, and even major media sites unintentionally serving malware.
We make Lookyloo to help. Lookyloo builds a tree view of all domains loaded from a specific URL and what those domains are up to. It can traverse a site to a user-specified depth, mimicking a legitimate user. We used Splash to make a full browser, executing JavaScript, following redirects, and capturing cookies, and then returning an HTTP Archive (.har) file. We build a visualization from the .har files that allows a site administrator (or user) to track the trackers.
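To illustrate the tree-building step described above, here is an added example (not Lookyloo's own code) that parses a constructed HAR fragment, links each request to its parent through the redirect chain or the Referer header, and lists the third-party hosts and cookie-setting responses. The HAR entries, hostnames and cookie names are all made up for the example.

```python
import json
from urllib.parse import urlparse

# Constructed HAR fragment (not a real capture): a page loads a script from its
# own CDN and a tracker pixel, which redirects to a second tracker for cookie sync.
SAMPLE_HAR = json.dumps({"log": {"entries": [
    {"request": {"url": "https://example.test/", "headers": []},
     "response": {"status": 200, "redirectURL": "", "cookies": []}},
    {"request": {"url": "https://cdn.example.test/app.js",
                 "headers": [{"name": "Referer", "value": "https://example.test/"}]},
     "response": {"status": 200, "redirectURL": "", "cookies": []}},
    {"request": {"url": "https://ads.tracker.test/pixel",
                 "headers": [{"name": "Referer", "value": "https://example.test/"}]},
     "response": {"status": 302, "redirectURL": "https://sync.other.test/match",
                  "cookies": [{"name": "uid"}]}},
    {"request": {"url": "https://sync.other.test/match", "headers": []},
     "response": {"status": 200, "redirectURL": "", "cookies": [{"name": "sid"}]}},
]}})

def build_tree(har_text):
    """Map url -> {host, parent, cookies}. The parent is the entry that
    redirected to this URL if any, otherwise the Referer of the request."""
    entries = json.loads(har_text)["log"]["entries"]
    tree, redirect_from = {}, {}
    for e in entries:
        url = e["request"]["url"]
        referer = next((h["value"] for h in e["request"].get("headers", [])
                        if h["name"].lower() == "referer"), None)
        parent = redirect_from.get(url, referer)
        tree[url] = {"host": urlparse(url).hostname,
                     "parent": None if parent == url else parent,
                     "cookies": [c["name"] for c in e["response"].get("cookies", [])]}
        if e["response"].get("redirectURL"):
            redirect_from[e["response"]["redirectURL"]] = url
    return tree

def third_parties(tree, root_url):
    """Hosts outside the root host and its subdomains (simple suffix check)."""
    root = urlparse(root_url).hostname
    return sorted({n["host"] for n in tree.values()
                   if n["host"] != root and not n["host"].endswith("." + root)})

def chain(tree, url):
    """Walk parents back to the root: explains why a given tracker was loaded."""
    path = [url]
    while tree[path[-1]]["parent"] in tree:
        path.append(tree[path[-1]]["parent"])
    return path[::-1]
```

Running `chain(build_tree(SAMPLE_HAR), "https://sync.other.test/match")` shows the page, the pixel that it embedded, and the redirect that pulled in the second tracker.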