Publication Details

Intercepting and Collecting Web Evidence in the Times of TLS1.3 and HTTP 3.0

PLUSKAL Jan and VESELÝ Vladimír. Intercepting and Collecting Web Evidence in the Times of TLS1.3 and HTTP 3.0. Dubaj, 2021.
Czech title
Zachycování a shromažďování webových důkazů v době TLS1.3 a HTTP 3.0
Type
audiovisual production
Language
english
Authors
Pluskal Jan, Ing. (DIFS FIT BUT)
Veselý Vladimír, Ing., Ph.D. (DIFS FIT BUT)
Keywords

web scraping, TLS/SSL, MitM, HTTP

Abstract

The presentation introduces methods addressing both of these phenomena - intercepting TLS/SSL connections with the help of man-in-the-middle attack employing proxy and automatically creating snapshots of problematic web pages.  Speakers outline necessary theory (including news about TLS 1.3, HSTS, HTTP3.0),  well-known attacks (e.g., renegotiation, downgrade, cipherspec change,  and others), and industry-standard tools for traffic analysis (such as Wireshark, Fiddler proxy, SSL-Split) and decoding (e.g., Selenium, Scrapy).

Published
2021
Pages
50
Place
Dubaj, AE
Back to top