SlideShare uma empresa Scribd logo

Web App Forensics

Aung Khant
Aung Khant
Tecnologia
1 de 9
Baixar para ler offline
Web Application Forensics: The Uncharted Territory By Ory Segal, Sanctum Security Group Introduction “If criminals would always schedule their movements like railway trains, it would certainly be more convenient for all of us” (Sherlock Holmes – “The valley of fear”) Well, web application hackers don’t schedule their movements – and they certainly don’t use tools and attacks, that are easily spotted or investigated. Names such as: Cross Site Scripting, Poison Null Byte and SQL Injection are just the tip of the iceberg in a new war front. IT professionals are used to monitoring network traffic, using network sniffers and state- of-the-art intrusion detection systems which analyze bizarre network behavior and watch patterns of weird packets considered as network attacks. Many companies also install tripwires and honey pots to catch hackers who are trying to hack in through defected telnet daemon
Web App Forensics
Web App Forensics
Web App Forensics
Web App Forensics
Web App Forensics
Web App Forensics
Web App Forensics
Web App Forensics

Recomendados

Konica Arora
Konica AroraKonica Arora
Konica AroraKonica Arora
 
Hacking
Hacking Hacking
Hacking SahilGothoskar
 
Man in the middle attack (mitm)
Man in the middle attack (mitm)Man in the middle attack (mitm)
Man in the middle attack (mitm)Hemal Joshi
 
Man in The Middle Attack
Man in The Middle AttackMan in The Middle Attack
Man in The Middle AttackDeepak Upadhyay
 
Man in the middle
Man in the middleMan in the middle
Man in the middleAhmadThaqifAimanAhma
 
ip spoofing by Ipshita Nandy
ip spoofing by Ipshita Nandy ip spoofing by Ipshita Nandy
ip spoofing by Ipshita NandyIpshitaNandy
 
Cryptolocker Ransomware Attack
Cryptolocker Ransomware AttackCryptolocker Ransomware Attack
Cryptolocker Ransomware AttackKeval Bhogayata
 
45
4545
45ieeeprojectsvadapalani
 

Recomendados

Konica Arora
Konica AroraKonica Arora
Konica AroraKonica Arora
 
Hacking
Hacking Hacking
Hacking SahilGothoskar
 
Man in the middle attack (mitm)
Man in the middle attack (mitm)Man in the middle attack (mitm)
Man in the middle attack (mitm)Hemal Joshi
 
Man in The Middle Attack
Man in The Middle AttackMan in The Middle Attack
Man in The Middle AttackDeepak Upadhyay
 
Man in the middle
Man in the middleMan in the middle
Man in the middleAhmadThaqifAimanAhma
 
ip spoofing by Ipshita Nandy
ip spoofing by Ipshita Nandy ip spoofing by Ipshita Nandy
ip spoofing by Ipshita NandyIpshitaNandy
 
Cryptolocker Ransomware Attack
Cryptolocker Ransomware AttackCryptolocker Ransomware Attack
Cryptolocker Ransomware AttackKeval Bhogayata
 
45
4545
45ieeeprojectsvadapalani
 
Web Application Forensics: Taxonomy and Trends
Web Application Forensics: Taxonomy and TrendsWeb Application Forensics: Taxonomy and Trends
Web Application Forensics: Taxonomy and TrendsKrassen Deltchev
 
Meditation on the gita
Meditation on the gitaMeditation on the gita
Meditation on the gitaProf. T. K. G. Namboodhiri
 
(120318) #fitalk web browser forensics - part i
(120318) #fitalk web browser forensics - part i(120318) #fitalk web browser forensics - part i
(120318) #fitalk web browser forensics - part iINSIGHT FORENSIC
 
Creating A Forensics Webpage
Creating A Forensics WebpageCreating A Forensics Webpage
Creating A Forensics WebpageSteve Bishop
 
Web and Social Media Image Forensics for News Professionals
Web and Social Media Image Forensics for News ProfessionalsWeb and Social Media Image Forensics for News Professionals
Web and Social Media Image Forensics for News ProfessionalsSymeon Papadopoulos
 
Onapsis SAP Forensics: Detecting White-Collar Cyber Crime with SAP Forensics
Onapsis SAP Forensics: Detecting White-Collar Cyber Crime with SAP ForensicsOnapsis SAP Forensics: Detecting White-Collar Cyber Crime with SAP Forensics
Onapsis SAP Forensics: Detecting White-Collar Cyber Crime with SAP ForensicsOnapsis Inc.
 
Deep Web and Digital Investigations
Deep Web and Digital Investigations Deep Web and Digital Investigations
Deep Web and Digital Investigations Damir Delija
 
Darknet
DarknetDarknet
DarknetShubham Dwivedi
 
Codebits 2010
Codebits 2010Codebits 2010
Codebits 2010Tiago Henriques
 
Hacking
HackingHacking
HackingSUNY Oneonta
 
Parag presentation on ethical hacking
Parag presentation on ethical hackingParag presentation on ethical hacking
Parag presentation on ethical hackingparag101
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing BasicsRick Wanner
 
Hacking Presentation
Hacking PresentationHacking Presentation
Hacking PresentationAnimesh Behera
 
OS Fingerprinting
OS FingerprintingOS Fingerprinting
OS FingerprintingRashmika Nawaratne
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hackingaashish2cool4u
 
_lauraaviles_05082015_Week 2 Assignment
_lauraaviles_05082015_Week 2 Assignment_lauraaviles_05082015_Week 2 Assignment
_lauraaviles_05082015_Week 2 AssignmentLaura Aviles
 
Virtual Labs SniffingConsider what you have learned so far
Virtual Labs SniffingConsider what you have learned so far Virtual Labs SniffingConsider what you have learned so far
Virtual Labs SniffingConsider what you have learned so far AlleneMcclendon878
 
Modern Malware and Threats
Modern Malware and ThreatsModern Malware and Threats
Modern Malware and ThreatsMarketingArrowECS_CZ
 
Cyber Attacks on Financial _ Vikjava
Cyber Attacks on Financial _ VikjavaCyber Attacks on Financial _ Vikjava
Cyber Attacks on Financial _ VikjavaSecurity Bootcamp
 
Types of Wireless Network Attacks
Types of Wireless Network AttacksTypes of Wireless Network Attacks
Types of Wireless Network AttacksTheSecureRadius
 
Discovery of Compromised Machines
Discovery of Compromised MachinesDiscovery of Compromised Machines
Discovery of Compromised MachinesAnton Chuvakin
 
Order vs. Mad Science: Analyzing Black Hat Swarm Intelligence
Order vs. Mad Science: Analyzing Black Hat Swarm IntelligenceOrder vs. Mad Science: Analyzing Black Hat Swarm Intelligence
Order vs. Mad Science: Analyzing Black Hat Swarm IntelligencePriyanka Aash
 

Mais conteúdo relacionado

Destaque

Web Application Forensics: Taxonomy and Trends
Web Application Forensics: Taxonomy and TrendsWeb Application Forensics: Taxonomy and Trends
Web Application Forensics: Taxonomy and TrendsKrassen Deltchev
 
(120318) #fitalk web browser forensics - part i
(120318) #fitalk web browser forensics - part i(120318) #fitalk web browser forensics - part i
(120318) #fitalk web browser forensics - part iINSIGHT FORENSIC
 
Creating A Forensics Webpage
Creating A Forensics WebpageCreating A Forensics Webpage
Creating A Forensics WebpageSteve Bishop
 
Web and Social Media Image Forensics for News Professionals
Web and Social Media Image Forensics for News ProfessionalsWeb and Social Media Image Forensics for News Professionals
Web and Social Media Image Forensics for News ProfessionalsSymeon Papadopoulos
 
Onapsis SAP Forensics: Detecting White-Collar Cyber Crime with SAP Forensics
Onapsis SAP Forensics: Detecting White-Collar Cyber Crime with SAP ForensicsOnapsis SAP Forensics: Detecting White-Collar Cyber Crime with SAP Forensics
Onapsis SAP Forensics: Detecting White-Collar Cyber Crime with SAP ForensicsOnapsis Inc.
 
Deep Web and Digital Investigations
Deep Web and Digital Investigations Deep Web and Digital Investigations
Deep Web and Digital Investigations Damir Delija
 

Destaque (9)

Web Application Forensics: Taxonomy and Trends
Web Application Forensics: Taxonomy and TrendsWeb Application Forensics: Taxonomy and Trends
Web Application Forensics: Taxonomy and Trends
 
Meditation on the gita
Meditation on the gitaMeditation on the gita
Meditation on the gita
 
(120318) #fitalk web browser forensics - part i
(120318) #fitalk web browser forensics - part i(120318) #fitalk web browser forensics - part i
(120318) #fitalk web browser forensics - part i
 
Creating A Forensics Webpage
Creating A Forensics WebpageCreating A Forensics Webpage
Creating A Forensics Webpage
 
Web and Social Media Image Forensics for News Professionals
Web and Social Media Image Forensics for News ProfessionalsWeb and Social Media Image Forensics for News Professionals
Web and Social Media Image Forensics for News Professionals
 
Onapsis SAP Forensics: Detecting White-Collar Cyber Crime with SAP Forensics
Onapsis SAP Forensics: Detecting White-Collar Cyber Crime with SAP ForensicsOnapsis SAP Forensics: Detecting White-Collar Cyber Crime with SAP Forensics
Onapsis SAP Forensics: Detecting White-Collar Cyber Crime with SAP Forensics
 
Deep Web and Digital Investigations
Deep Web and Digital Investigations Deep Web and Digital Investigations
Deep Web and Digital Investigations
 
Darknet
DarknetDarknet
Darknet
 
Codebits 2010
Codebits 2010Codebits 2010
Codebits 2010
 

Semelhante a Web App Forensics

Parag presentation on ethical hacking
Parag presentation on ethical hackingParag presentation on ethical hacking
Parag presentation on ethical hackingparag101
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing BasicsRick Wanner
 
_lauraaviles_05082015_Week 2 Assignment
_lauraaviles_05082015_Week 2 Assignment_lauraaviles_05082015_Week 2 Assignment
_lauraaviles_05082015_Week 2 AssignmentLaura Aviles
 
Virtual Labs SniffingConsider what you have learned so far
Virtual Labs SniffingConsider what you have learned so far Virtual Labs SniffingConsider what you have learned so far
Virtual Labs SniffingConsider what you have learned so far AlleneMcclendon878
 
Cyber Attacks on Financial _ Vikjava
Cyber Attacks on Financial _ VikjavaCyber Attacks on Financial _ Vikjava
Cyber Attacks on Financial _ VikjavaSecurity Bootcamp
 
Types of Wireless Network Attacks
Types of Wireless Network AttacksTypes of Wireless Network Attacks
Types of Wireless Network AttacksTheSecureRadius
 
Discovery of Compromised Machines
Discovery of Compromised MachinesDiscovery of Compromised Machines
Discovery of Compromised MachinesAnton Chuvakin
 
Order vs. Mad Science: Analyzing Black Hat Swarm Intelligence
Order vs. Mad Science: Analyzing Black Hat Swarm IntelligenceOrder vs. Mad Science: Analyzing Black Hat Swarm Intelligence
Order vs. Mad Science: Analyzing Black Hat Swarm IntelligencePriyanka Aash
 
Cryptography And Embedded Systems Used
Cryptography And Embedded Systems UsedCryptography And Embedded Systems Used
Cryptography And Embedded Systems UsedCarla Bennington
 
Virus Bulletin 2018: Lazarus Group a mahjong game played with different sets ...
Virus Bulletin 2018: Lazarus Group a mahjong game played with different sets ...Virus Bulletin 2018: Lazarus Group a mahjong game played with different sets ...
Virus Bulletin 2018: Lazarus Group a mahjong game played with different sets ...Peter Kálnai
 
NetworkWorld-SafeBreach
NetworkWorld-SafeBreachNetworkWorld-SafeBreach
NetworkWorld-SafeBreachDan Kunkel
 

Semelhante a Web App Forensics (20)

Hacking
HackingHacking
Hacking
 
Parag presentation on ethical hacking
Parag presentation on ethical hackingParag presentation on ethical hacking
Parag presentation on ethical hacking
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing Basics
 
Hacking Presentation
Hacking PresentationHacking Presentation
Hacking Presentation
 
OS Fingerprinting
OS FingerprintingOS Fingerprinting
OS Fingerprinting
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
_lauraaviles_05082015_Week 2 Assignment
_lauraaviles_05082015_Week 2 Assignment_lauraaviles_05082015_Week 2 Assignment
_lauraaviles_05082015_Week 2 Assignment
 
Virtual Labs SniffingConsider what you have learned so far
Virtual Labs SniffingConsider what you have learned so far Virtual Labs SniffingConsider what you have learned so far
Virtual Labs SniffingConsider what you have learned so far
 
Modern Malware and Threats
Modern Malware and ThreatsModern Malware and Threats
Modern Malware and Threats
 
Cyber Attacks on Financial _ Vikjava
Cyber Attacks on Financial _ VikjavaCyber Attacks on Financial _ Vikjava
Cyber Attacks on Financial _ Vikjava
 
Types of Wireless Network Attacks
Types of Wireless Network AttacksTypes of Wireless Network Attacks
Types of Wireless Network Attacks
 
Discovery of Compromised Machines
Discovery of Compromised MachinesDiscovery of Compromised Machines
Discovery of Compromised Machines
 
Order vs. Mad Science: Analyzing Black Hat Swarm Intelligence
Order vs. Mad Science: Analyzing Black Hat Swarm IntelligenceOrder vs. Mad Science: Analyzing Black Hat Swarm Intelligence
Order vs. Mad Science: Analyzing Black Hat Swarm Intelligence
 
Cryptography And Embedded Systems Used
Cryptography And Embedded Systems UsedCryptography And Embedded Systems Used
Cryptography And Embedded Systems Used
 
my new HACKING
my new HACKINGmy new HACKING
my new HACKING
 
Security_Bootcamp_Intro
Security_Bootcamp_IntroSecurity_Bootcamp_Intro
Security_Bootcamp_Intro
 
Virus Bulletin 2018: Lazarus Group a mahjong game played with different sets ...
Virus Bulletin 2018: Lazarus Group a mahjong game played with different sets ...Virus Bulletin 2018: Lazarus Group a mahjong game played with different sets ...
Virus Bulletin 2018: Lazarus Group a mahjong game played with different sets ...
 
Information Security Engineering
Information Security EngineeringInformation Security Engineering
Information Security Engineering
 
NetworkWorld-SafeBreach
NetworkWorld-SafeBreachNetworkWorld-SafeBreach
NetworkWorld-SafeBreach
 
Network Miner Network forensics
Network Miner Network forensicsNetwork Miner Network forensics
Network Miner Network forensics
 

Mais de Aung Khant

Introducing Msd
Introducing MsdIntroducing Msd
Introducing MsdAung Khant
 
Securing Php App
Securing Php AppSecuring Php App
Securing Php AppAung Khant
 
Securing Web Server Ibm
Securing Web Server IbmSecuring Web Server Ibm
Securing Web Server IbmAung Khant
 
Security Design Patterns
Security Design PatternsSecurity Design Patterns
Security Design PatternsAung Khant
 
Security Code Review
Security Code ReviewSecurity Code Review
Security Code ReviewAung Khant
 
Security Engineering Executive
Security Engineering ExecutiveSecurity Engineering Executive
Security Engineering ExecutiveAung Khant
 
Security Engineeringwith Patterns
Security Engineeringwith PatternsSecurity Engineeringwith Patterns
Security Engineeringwith PatternsAung Khant
 
Security Web Servers
Security Web ServersSecurity Web Servers
Security Web ServersAung Khant
 
Security Testing Web App
Security Testing Web AppSecurity Testing Web App
Security Testing Web AppAung Khant
 
Session Fixation
Session FixationSession Fixation
Session FixationAung Khant
 
Sql Injection Paper
Sql Injection PaperSql Injection Paper
Sql Injection PaperAung Khant
 
Sql Injection Adv Owasp
Sql Injection Adv OwaspSql Injection Adv Owasp
Sql Injection Adv OwaspAung Khant
 
Php Security Iissues
Php Security IissuesPhp Security Iissues
Php Security IissuesAung Khant
 
Sql Injection White Paper
Sql Injection White PaperSql Injection White Paper
Sql Injection White PaperAung Khant
 
S Vector4 Web App Sec Management
S Vector4 Web App Sec ManagementS Vector4 Web App Sec Management
S Vector4 Web App Sec ManagementAung Khant
 
Php Security Value1
Php Security Value1Php Security Value1
Php Security Value1Aung Khant
 
Privilege Escalation
Privilege EscalationPrivilege Escalation
Privilege EscalationAung Khant
 
Php Security Workshop
Php Security WorkshopPhp Security Workshop
Php Security WorkshopAung Khant
 
Preventing Xs Sin Perl Apache
Preventing Xs Sin Perl ApachePreventing Xs Sin Perl Apache
Preventing Xs Sin Perl ApacheAung Khant
 

Mais de Aung Khant (20)

Introducing Msd
Introducing MsdIntroducing Msd
Introducing Msd
 
Securing Php App
Securing Php AppSecuring Php App
Securing Php App
 
Securing Web Server Ibm
Securing Web Server IbmSecuring Web Server Ibm
Securing Web Server Ibm
 
Security Design Patterns
Security Design PatternsSecurity Design Patterns
Security Design Patterns
 
Security Code Review
Security Code ReviewSecurity Code Review
Security Code Review
 
Security Engineering Executive
Security Engineering ExecutiveSecurity Engineering Executive
Security Engineering Executive
 
Security Engineeringwith Patterns
Security Engineeringwith PatternsSecurity Engineeringwith Patterns
Security Engineeringwith Patterns
 
Security Web Servers
Security Web ServersSecurity Web Servers
Security Web Servers
 
Security Testing Web App
Security Testing Web AppSecurity Testing Web App
Security Testing Web App
 
Session Fixation
Session FixationSession Fixation
Session Fixation
 
Sql Injection Paper
Sql Injection PaperSql Injection Paper
Sql Injection Paper
 
Sql Injection Adv Owasp
Sql Injection Adv OwaspSql Injection Adv Owasp
Sql Injection Adv Owasp
 
Php Security Iissues
Php Security IissuesPhp Security Iissues
Php Security Iissues
 
Sql Injection White Paper
Sql Injection White PaperSql Injection White Paper
Sql Injection White Paper
 
S Shah Web20
S Shah Web20S Shah Web20
S Shah Web20
 
S Vector4 Web App Sec Management
S Vector4 Web App Sec ManagementS Vector4 Web App Sec Management
S Vector4 Web App Sec Management
 
Php Security Value1
Php Security Value1Php Security Value1
Php Security Value1
 
Privilege Escalation
Privilege EscalationPrivilege Escalation
Privilege Escalation
 
Php Security Workshop
Php Security WorkshopPhp Security Workshop
Php Security Workshop
 
Preventing Xs Sin Perl Apache
Preventing Xs Sin Perl ApachePreventing Xs Sin Perl Apache
Preventing Xs Sin Perl Apache
 

Último

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)Samir Dash
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMKumar Satyam
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 

Último (20)

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 

Web App Forensics

  • 1. Web Application Forensics: The Uncharted Territory By Ory Segal, Sanctum Security Group Introduction “If criminals would always schedule their movements like railway trains, it would certainly be more convenient for all of us” (Sherlock Holmes – “The valley of fear”) Well, web application hackers don’t schedule their movements – and they certainly don’t use tools and attacks, that are easily spotted or investigated. Names such as: Cross Site Scripting, Poison Null Byte and SQL Injection are just the tip of the iceberg in a new war front. IT professionals are used to monitoring network traffic, using network sniffers and state- of-the-art intrusion detection systems which analyze bizarre network behavior and watch patterns of weird packets considered as network attacks. Many companies also install tripwires and honey pots to catch hackers who are trying to hack in through defected telnet daemon