Explore the intricacies of forensic investigations in web exploitations through this 53-minute conference talk by Ondrej Krehel, presented by the OWASP Foundation. Delve into the combined effort of various technologies required to investigate hacking incidents, uncovering evidence and forensic artifacts in different forms and formats. Learn about network forensics as a crucial component in identifying compromised hosts, capturing and reconstructing malicious sessions. Discover how to replay attacks on web vulnerabilities and uncover transmitted data. Gain insights into open-source tools used for investigating web-compromised hosts and network forensics, and understand how these tools can significantly supplement electronic evidence. Examine the structure of various network protocols and observe the practical application of open-source network forensic tools on traffic captured from a hacked web server. Analyze and reconstruct captured traffic, discussing the various artifacts found during the investigation process.
Forensic Investigations of Web Exploitations - Ondrej Krehel
Taught by
OWASP Foundation
5.0 rating, based on 1 Class Central review
Showing Class Central Sort
The class on "Forensic Investigations of Web Exploitations" was great and extremely informative. It covered key aspects of investigating web-based attacks, including how to analyze compromised systems and trace the methods used by attackers. We learned about important steps like data collection from logs and network traffic, analyzing malware or malicious scripts, and identifying vulnerabilities such as SQL injection and XSS. The class emphasized the importance of documenting findings for legal purposes and enhancing future security measures. It provided a thorough understanding of how forensic experts handle web exploit investigations to improve overall cybersecurity.