Blackhat Europe: Fireshark – A Tool To Link the Malicious Web

Stephan Chenette has introduced at BlakHat Europe conference in Barcelona a new utility for Firefox, this plugin called Fireshark. Fireshark is a tool, made up of a Firefox plugin and a set of postprocessing scripts that allows you to capture web traffic from the core of your web browser, enabling you to log events and download content to disk for post-process analysis.

Over the past 12 months the number of compromised website has increased by 225%. Inserting a malicious code on website has become very often to infect users machines or redirecting victims to other malicious resource. Stephan Chenette has demonstrated how Fireshark can solve this problem by giving users list of resources that requires study of website source code.

That’s mean after identifying that the source is suspicious using Fireshark. User can start conducting more in depth analysis to on the website to classify and identify the vulnerability or exploit on the site.

The Information gathered by this plugin is stored locally in a folder under the extension .Yml and you can download the plugin here.

make sure you subscribe to my RSS feed!