More dates

Payment plans available!

How payment plans work

  • Your order will be reserved but sent to you only after the full payment plan has been completed.
  • A minimum upfront payment is required to secure your order. This includes a surcharge, a non-refundable cancellation fee, and a refundable deposit.
  • You’ll receive a notification before each payment attempt. You must ensure sufficient funds are available.

Deep-dive into modern network fingerprinting

DEF CON Workshops
Host icon
DEF CON Workshops
244 followers  ·  Contact host (Opens in new tab)
Add to calendar

Sat, Aug 9, 2pm - 6pm PDT

Event description

Deep-dive into modern network fingerprinting

Level of Instruction: Advanced

Instructed by: Vlad Iliushin

Abstract:

In this hands-on workshop you’ll move beyond the theory of network fingerprinting and actually use them in practice at both the TCP and TLS layers. Working in live lab environments, you will:

1. Capture real TLS ClientHello and TCP handshake packets with muonfp, p0f, ja3, ja3n and ja4

2. Normalize the JA3 into JA3n, overcoming TLS extension shuffle of modern browsers

3. Translate MuonFP fingerprint detections into classic p0f signatures

4. Compile those signatures into BPF and iptables bytecode to dynamically block scanners

5. Detect & block mass-scan traffic from ZMap and Masscan in real time without interrupting any other traffic.

6. Forge your own fingerprints (Windows, Linux, common browsers) with Scapy, then validate that your defenses can’t tell you apart.


Powered by

Tickets for good, not greed Humanitix dedicates 100% of profits from booking fees to charity

DEF CON Workshops
Host icon
Hosted by DEF CON Workshops