🕘 Day of Shecurity 2018

Jun 16, 2018

Agenda

  • 9:30-12 Burp Suite Workshop
  • 12-1 Lunch
  • ?? - Robert Fly, Nicole Fish - Oh, the Humanity: Using Behavioral Science To Improve Security
  • 3:30-4:15pm Heather Eggers:  How to Communicate Information Security Risks and Drive Meaningful Action

Keynote

Deidre Diamond - CyberSN/Brainbabe, Vijaya Kaza - Lookout, Astha Singhal - OWASP
  • Lookout report on how data including numbers, names, addresses, bank passcodes, PIN numbers, how many times each contact was dialed, and the last time the contact was called.
  • “We’re dealing with cyberwars amongst nations”

Burp Suite Workshop

Jason Haddix (@Jhaddix)
  • Don’t leak your creds. If you use Chrome for your day-to-day make sure you have a specific Chrome profile or use a different browser.
  • Useful Chrome Extensions
  • LinkClump - right click and drag over any link to open all links associated with a menu
  • good for “spidering pages”
  • copy and paste a bunch of links at once
Scoping 
  • You can scope requests by Target → Scope and entering regex/keywords to only target specific domains
  • The filter ribbon allows you to define what kind of requests will appear in the HTTP history
 
User-uploaded image: image.png

  • Context menu on requests allow you to do several Send To actions
  • Send to intruder
  • Send to repeater
  • allows you to manipulate a request and replay it.
  • It’s more useful to sort requests in descending order to see the most recent at the top.

Spidering
  • Allows you to do intentional crawling of a site and find pages that aren’t evident at first glance (basically build a full site map)
 
User-uploaded image: image.png

  • Can even attempt to log in to or submit things that look like forms
  • You can set how many links deep you want to crawl
  • You should turn off automatic form submissions and passive spidering as you browse (it’s kind of workflow disruptive).
  • You may also want to throttle requests to avoid getting banned.
  • Captchas can be tricky - image selection ones are not possible to bypass automatically.
  • You can use burp to resolve a list of common words like admin to find pages (Content Discovery) that would not be linked to anywhere on the site.


Content Discovery
 
User-uploaded image: image.png
Hidden in a context menu
  • DirSearch is actually a better tool for this. It’s a CLI equivalent.
  • has a better content short list for discovery