[podcast] Application Profiling with FingerprinTLS!

Join Cybrary

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATION
Already a Member Login Here

< Back to Blog Posts

[podcast] Application Profiling with FingerprinTLS!

Published: February 17, 2016 | By: BrBr | Views: 838
save

We first heard about FingerprinTLS from our friend Lee Brotherston at DerbyCon last September. Very intrigued by how he was able to fingerprint client applications being used, we finally were able to get him on to discuss this.

We do a bit of history about #TLS, and the versions from 1.0 to 1.2

Lee gives us some examples on how FingerprintTLS might be used by red teamers or pentest agents to see what applications a client has on their system, or if you’re a blue team that has specific application limitations, you can find out if someone has installed an unauthorized product, or you could even block unknown applications using this method by sensing the application and then creating an IPS rule from the fingerprint.

Finally, something a bit special… we have a demo on our Youtube site that you can view his application in action!

Video demo: https://youtu.be/im6un0cB3Ns

 

 

https://upload.wikimedia.org/wikipedia/commons/thumb/4/46/Diffie-Hellman_Key_Exchange.svg/2000px-Diffie-Hellman_Key_Exchange.svg.png

http://blog.squarelemon.com/tls-fingerprinting/

https://github.com/LeeBrotherston/tls-fingerprinting

http://www.slideshare.net/LeeBrotherston/tls-fingerprinting-sectorca-edition

https://www.youtube.com/watch?v=XX0FRAy2Mec

http://2015.video.sector.ca/video/144175700

Cisco blog on malware using TLS… http://blogs.cisco.com/security/malwares-use-of-tls-and-encryption

 

Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/

BrakeSec Podcast Twitter: http://www.twitter.com/brakesec

Bryan’s Twitter: http://www.twitter.com/bryanbrake

Brian’s Twitter: http://www.twitter.com/boettcherpwned

Join our Patreon!: https://www.patreon.com/bds_podcast

Tumblr: http://brakeingdownsecurity.tumblr.com/

RSS FEED: http://www.brakeingsecurity.com/rss

Comments, Questions, Feedback: bds.podcast@gmail.com

**NEW** Google Play Store: https://play.google.com/music/podcasts/portal/#p:id=playpodcast/series&a=100584969

**NEW** Listen to us on Player.FM!! : https://player.fm/series/brakeing-down-security-podcast

iTunes: https://itunes.apple.com/us/podcast/2016-007-fingerprintls-profiling/id799131292?i=362885277&mt=2

Direct Download: http://traffic.libsyn.com/brakeingsecurity/2016-007-FingerprinTLS_with_Lee_Brotherston.mp3

< Back to Blog Posts
Enjoy this blog post? Want more Cybytes?
Invite a Friend
and share now
Facebook Twitter Google+ LinkedIn Email
Join Cybrary
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel