Deep-dive into modern network fingerprinting
Event description
Deep-dive into modern network fingerprinting
Level of Instruction: Advanced
Instructed by: Vlad Iliushin
Abstract:
In this hands-on workshop you’ll move beyond the theory of network fingerprinting and actually use them in practice at both the TCP and TLS layers. Working in live lab environments, you will:
1. Capture real TLS ClientHello and TCP handshake packets with muonfp, p0f, ja3, ja3n and ja4
2. Normalize the JA3 into JA3n, overcoming TLS extension shuffle of modern browsers
3. Translate MuonFP fingerprint detections into classic p0f signatures
4. Compile those signatures into BPF and iptables bytecode to dynamically block scanners
5. Detect & block mass-scan traffic from ZMap and Masscan in real time without interrupting any other traffic.
6. Forge your own fingerprints (Windows, Linux, common browsers) with Scapy, then validate that your defenses can’t tell you apart.
Tickets for good, not greed Humanitix dedicates 100% of profits from booking fees to charity
