A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
ISDPodcast Button
RootSecure Button
Social-engineer-training Button
Irongeek Button

Web Hosting:
Dreamhost Logo
Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Fun with WebSockets using Socket Puppet - Mister Glass (Weasel) (BSides Las Vegas 2013) (Hacking Illustrated Series InfoSec Tutorial Videos)

Fun with WebSockets using Socket Puppet - Mister Glass (Weasel)

WebSockets are HTML5s solution for low latency communications. Support is now stable in major browsers, and developers are starting to use them for chat, games, videoconferencing, and other applications. Despite its growing adoption, WebSockets are difficult for pen testers to mess with. Tools are starting to catch up - wireshark, fiddler & chrome will let you view WebSocket traffic, but there is no simple system currently available to tamper with these messages. This summer I plan to release Socket Puppet, a chrome extension designed to fill this need, and I want to release it at BSides.

BIO: A New Jersey based web developer with a strong interest in security. By day, he builds websites in PHP, Python, HTML5, CSS3, JS, and anything else that will get the job done. In his spare time he plays video games, goes to cons, keeps up with security research, and pokes around with the latest tech he can get his hands on. He studied computer science at Yeshiva University & is also a GWAPT if you actually care about certs.

 

Back to BSides Las Vegas 2013 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2014, IronGeek
Louisville / Kentuckiana Information Security Enthusiast