Submit Search
Upload
Defcon 18: FOCA 2
•
Download as PPT, PDF
•
11 likes
•
14,617 views
Chema Alonso
Follow
Slides used by Jose Palazon PALAKO and Chema Alonso to present FOCA 2 in Defcon 18
Read less
Read more
Report
Share
Report
Share
1 of 43
Download now
Recommended
Metasploit For Beginners
Metasploit For Beginners
Ramnath Shenoy
Hide Android applications in images
Hide Android applications in images
Ange Albertini
Secure Computer Forensics and its tools
Secure Computer Forensics and its tools
Kathirvel Ayyaswamy
Open Source Security
Open Source Security
Sander Temme
8.8 Las Vegas - Adversary Emulation con C2 Matrix
8.8 Las Vegas - Adversary Emulation con C2 Matrix
Jorge Orchilles
Cyber Security Extortion: Defending Against Digital Shakedowns
Cyber Security Extortion: Defending Against Digital Shakedowns
CrowdStrike
Propositional And First-Order Logic
Propositional And First-Order Logic
ankush_kumar
Security threats and attacks in cyber security
Security threats and attacks in cyber security
Shri ramswaroop college of engineering and management
Recommended
Metasploit For Beginners
Metasploit For Beginners
Ramnath Shenoy
Hide Android applications in images
Hide Android applications in images
Ange Albertini
Secure Computer Forensics and its tools
Secure Computer Forensics and its tools
Kathirvel Ayyaswamy
Open Source Security
Open Source Security
Sander Temme
8.8 Las Vegas - Adversary Emulation con C2 Matrix
8.8 Las Vegas - Adversary Emulation con C2 Matrix
Jorge Orchilles
Cyber Security Extortion: Defending Against Digital Shakedowns
Cyber Security Extortion: Defending Against Digital Shakedowns
CrowdStrike
Propositional And First-Order Logic
Propositional And First-Order Logic
ankush_kumar
Security threats and attacks in cyber security
Security threats and attacks in cyber security
Shri ramswaroop college of engineering and management
Adversary Emulation and the C2 Matrix
Adversary Emulation and the C2 Matrix
Jorge Orchilles
DDoS
DDoS
Milan Petrásek
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting season
Ben Boyd
Icecrown citadel 10 man doc
Icecrown citadel 10 man doc
amelija123
Sentiment analysis and opinion mining Ch.7
Sentiment analysis and opinion mining Ch.7
PC LO
Pentesting with Metasploit
Pentesting with Metasploit
Prakashchand Suthar
Bear Hunting: History and Attribution of Russian Intelligence Operations
Bear Hunting: History and Attribution of Russian Intelligence Operations
CrowdStrike
Cyber Warfare 4TH edition
Cyber Warfare 4TH edition
Jorge Sebastiao
Ransomware attack
Ransomware attack
Amna
Text classification using Text kernels
Text classification using Text kernels
Dev Nath
Windows Incident Response is hard, but doesn't have to be
Windows Incident Response is hard, but doesn't have to be
Michael Gough
Adversary Emulation Workshop
Adversary Emulation Workshop
prithaaash
Illuminating the dark web
Illuminating the dark web
Jisc
DDoS Attacks
DDoS Attacks
Jignesh Patel
Red teaming probably isn't for you
Red teaming probably isn't for you
Toby Kohlenberg
SCYTHE Purple Team Workshop with Tim Schulz
SCYTHE Purple Team Workshop with Tim Schulz
Jorge Orchilles
Probabilistic programming
Probabilistic programming
Eli Gottlieb
Catch Me If You Can: PowerShell Red vs Blue
Catch Me If You Can: PowerShell Red vs Blue
Will Schroeder
External service interaction
External service interaction
Pawan Phogat
Daa unit 4
Daa unit 4
Abhimanyu Mishra
Tutorial de-foca
Tutorial de-foca
Jeffry Roldan
Libro de Seguridad en Redes
Libro de Seguridad en Redes
Telefónica
More Related Content
What's hot
Adversary Emulation and the C2 Matrix
Adversary Emulation and the C2 Matrix
Jorge Orchilles
DDoS
DDoS
Milan Petrásek
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting season
Ben Boyd
Icecrown citadel 10 man doc
Icecrown citadel 10 man doc
amelija123
Sentiment analysis and opinion mining Ch.7
Sentiment analysis and opinion mining Ch.7
PC LO
Pentesting with Metasploit
Pentesting with Metasploit
Prakashchand Suthar
Bear Hunting: History and Attribution of Russian Intelligence Operations
Bear Hunting: History and Attribution of Russian Intelligence Operations
CrowdStrike
Cyber Warfare 4TH edition
Cyber Warfare 4TH edition
Jorge Sebastiao
Ransomware attack
Ransomware attack
Amna
Text classification using Text kernels
Text classification using Text kernels
Dev Nath
Windows Incident Response is hard, but doesn't have to be
Windows Incident Response is hard, but doesn't have to be
Michael Gough
Adversary Emulation Workshop
Adversary Emulation Workshop
prithaaash
Illuminating the dark web
Illuminating the dark web
Jisc
DDoS Attacks
DDoS Attacks
Jignesh Patel
Red teaming probably isn't for you
Red teaming probably isn't for you
Toby Kohlenberg
SCYTHE Purple Team Workshop with Tim Schulz
SCYTHE Purple Team Workshop with Tim Schulz
Jorge Orchilles
Probabilistic programming
Probabilistic programming
Eli Gottlieb
Catch Me If You Can: PowerShell Red vs Blue
Catch Me If You Can: PowerShell Red vs Blue
Will Schroeder
External service interaction
External service interaction
Pawan Phogat
Daa unit 4
Daa unit 4
Abhimanyu Mishra
What's hot
(20)
Adversary Emulation and the C2 Matrix
Adversary Emulation and the C2 Matrix
DDoS
DDoS
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting season
Icecrown citadel 10 man doc
Icecrown citadel 10 man doc
Sentiment analysis and opinion mining Ch.7
Sentiment analysis and opinion mining Ch.7
Pentesting with Metasploit
Pentesting with Metasploit
Bear Hunting: History and Attribution of Russian Intelligence Operations
Bear Hunting: History and Attribution of Russian Intelligence Operations
Cyber Warfare 4TH edition
Cyber Warfare 4TH edition
Ransomware attack
Ransomware attack
Text classification using Text kernels
Text classification using Text kernels
Windows Incident Response is hard, but doesn't have to be
Windows Incident Response is hard, but doesn't have to be
Adversary Emulation Workshop
Adversary Emulation Workshop
Illuminating the dark web
Illuminating the dark web
DDoS Attacks
DDoS Attacks
Red teaming probably isn't for you
Red teaming probably isn't for you
SCYTHE Purple Team Workshop with Tim Schulz
SCYTHE Purple Team Workshop with Tim Schulz
Probabilistic programming
Probabilistic programming
Catch Me If You Can: PowerShell Red vs Blue
Catch Me If You Can: PowerShell Red vs Blue
External service interaction
External service interaction
Daa unit 4
Daa unit 4
Viewers also liked
Tutorial de-foca
Tutorial de-foca
Jeffry Roldan
Libro de Seguridad en Redes
Libro de Seguridad en Redes
Telefónica
Índice del libro "Hacking Web Technologies"
Índice del libro "Hacking Web Technologies"
Telefónica
CyberCamp 2015: Low Hanging Fruit
CyberCamp 2015: Low Hanging Fruit
Chema Alonso
Chema Alonso - Presentación de la FOCA v2.0 [RootedCON 2010]
Chema Alonso - Presentación de la FOCA v2.0 [RootedCON 2010]
RootedCON
Portátiles A Prueba De Robos
Portátiles A Prueba De Robos
Chema Alonso
Seguridad en Navegadores
Seguridad en Navegadores
Chema Alonso
Default Passwords: Adelante por favor
Default Passwords: Adelante por favor
Chema Alonso
Fortificación de MS SharePon
Fortificación de MS SharePon
Chema Alonso
Circuitos de Video Vigilancia IP
Circuitos de Video Vigilancia IP
Chema Alonso
Navegadores en la Empresa
Navegadores en la Empresa
Chema Alonso
MS Forefront Client Security
MS Forefront Client Security
Chema Alonso
Seguridad en Apache Web Server
Seguridad en Apache Web Server
Chema Alonso
Asegúr@IT 7: Serialized SQL Injection
Asegúr@IT 7: Serialized SQL Injection
Chema Alonso
Connection String Parameter Pollution Attacks
Connection String Parameter Pollution Attacks
Chema Alonso
Apadrina un malware
Apadrina un malware
Chema Alonso
RootedCON 2011: DUST
RootedCON 2011: DUST
Chema Alonso
Hacking, Ciberguerra y otros Palabros
Hacking, Ciberguerra y otros Palabros
Chema Alonso
Asegúr@IT 7 - Forefront UAG 2010
Asegúr@IT 7 - Forefront UAG 2010
Chema Alonso
MetaShield Protector & FOCA 2.0
MetaShield Protector & FOCA 2.0
Chema Alonso
Viewers also liked
(20)
Tutorial de-foca
Tutorial de-foca
Libro de Seguridad en Redes
Libro de Seguridad en Redes
Índice del libro "Hacking Web Technologies"
Índice del libro "Hacking Web Technologies"
CyberCamp 2015: Low Hanging Fruit
CyberCamp 2015: Low Hanging Fruit
Chema Alonso - Presentación de la FOCA v2.0 [RootedCON 2010]
Chema Alonso - Presentación de la FOCA v2.0 [RootedCON 2010]
Portátiles A Prueba De Robos
Portátiles A Prueba De Robos
Seguridad en Navegadores
Seguridad en Navegadores
Default Passwords: Adelante por favor
Default Passwords: Adelante por favor
Fortificación de MS SharePon
Fortificación de MS SharePon
Circuitos de Video Vigilancia IP
Circuitos de Video Vigilancia IP
Navegadores en la Empresa
Navegadores en la Empresa
MS Forefront Client Security
MS Forefront Client Security
Seguridad en Apache Web Server
Seguridad en Apache Web Server
Asegúr@IT 7: Serialized SQL Injection
Asegúr@IT 7: Serialized SQL Injection
Connection String Parameter Pollution Attacks
Connection String Parameter Pollution Attacks
Apadrina un malware
Apadrina un malware
RootedCON 2011: DUST
RootedCON 2011: DUST
Hacking, Ciberguerra y otros Palabros
Hacking, Ciberguerra y otros Palabros
Asegúr@IT 7 - Forefront UAG 2010
Asegúr@IT 7 - Forefront UAG 2010
MetaShield Protector & FOCA 2.0
MetaShield Protector & FOCA 2.0
Similar to Defcon 18: FOCA 2
La nueva FOCA 2.7
La nueva FOCA 2.7
Eventos Creativos
Pentesting drivenbyfoca slides
Pentesting drivenbyfoca slides
BIT Technologies
Foca training hackcon6
Foca training hackcon6
Chema Alonso
FOCA 2.5.5 Training
FOCA 2.5.5 Training
Chema Alonso
4055-841_Project_ShailendraSadh
4055-841_Project_ShailendraSadh
Shailendra Sadh - CISSP
HoneyNet SOTM 32 - Windows Malware Analysis
HoneyNet SOTM 32 - Windows Malware Analysis
Chetan Ganatra
Extreme Scripting July 2009
Extreme Scripting July 2009
Ian Foster
Penetration Testing Boot CAMP
Penetration Testing Boot CAMP
Shaikh Jamal Uddin l CISM, QRadar, Hack Card Recovery Expert
Big data using Hadoop, Hive, Sqoop with Installation
Big data using Hadoop, Hive, Sqoop with Installation
mellempudilavanya999
Introduction P2p
Introduction P2p
Davide Carboni
IIIF & Digital Humanities
IIIF & Digital Humanities
Jean-Philippe Moreux
Who pulls the strings?
Who pulls the strings?
Ronny
PRESENTATION of CEH Tools.pptx
PRESENTATION of CEH Tools.pptx
AadityaSaxena12
Hackerworkshop exercises
Hackerworkshop exercises
Henrik Kramshøj
FAIR Projector Builder
FAIR Projector Builder
Mark Wilkinson
Datasets and tools_from_ncbi_and_elsewhere_for_microbiome_research_v_62817
Datasets and tools_from_ncbi_and_elsewhere_for_microbiome_research_v_62817
Ben Busby
Open Security Operations Center - OpenSOC
Open Security Operations Center - OpenSOC
Sheetal Dolas
an_introduction_to_network_analyzers_new.ppt
an_introduction_to_network_analyzers_new.ppt
Iwan89629
Apache Spark Workshop, Apr. 2016, Euangelos Linardos
Apache Spark Workshop, Apr. 2016, Euangelos Linardos
Euangelos Linardos
Eedc.apache.pig last
Eedc.apache.pig last
Francesc Lordan Gomis
Similar to Defcon 18: FOCA 2
(20)
La nueva FOCA 2.7
La nueva FOCA 2.7
Pentesting drivenbyfoca slides
Pentesting drivenbyfoca slides
Foca training hackcon6
Foca training hackcon6
FOCA 2.5.5 Training
FOCA 2.5.5 Training
4055-841_Project_ShailendraSadh
4055-841_Project_ShailendraSadh
HoneyNet SOTM 32 - Windows Malware Analysis
HoneyNet SOTM 32 - Windows Malware Analysis
Extreme Scripting July 2009
Extreme Scripting July 2009
Penetration Testing Boot CAMP
Penetration Testing Boot CAMP
Big data using Hadoop, Hive, Sqoop with Installation
Big data using Hadoop, Hive, Sqoop with Installation
Introduction P2p
Introduction P2p
IIIF & Digital Humanities
IIIF & Digital Humanities
Who pulls the strings?
Who pulls the strings?
PRESENTATION of CEH Tools.pptx
PRESENTATION of CEH Tools.pptx
Hackerworkshop exercises
Hackerworkshop exercises
FAIR Projector Builder
FAIR Projector Builder
Datasets and tools_from_ncbi_and_elsewhere_for_microbiome_research_v_62817
Datasets and tools_from_ncbi_and_elsewhere_for_microbiome_research_v_62817
Open Security Operations Center - OpenSOC
Open Security Operations Center - OpenSOC
an_introduction_to_network_analyzers_new.ppt
an_introduction_to_network_analyzers_new.ppt
Apache Spark Workshop, Apr. 2016, Euangelos Linardos
Apache Spark Workshop, Apr. 2016, Euangelos Linardos
Eedc.apache.pig last
Eedc.apache.pig last
More from Chema Alonso
Índice Pentesting con Kali 2.0
Índice Pentesting con Kali 2.0
Chema Alonso
Configurar y utilizar Latch en Magento
Configurar y utilizar Latch en Magento
Chema Alonso
Cazando Cibercriminales con: OSINT + Cloud Computing + Big Data
Cazando Cibercriminales con: OSINT + Cloud Computing + Big Data
Chema Alonso
New Paradigms of Digital Identity: Authentication & Authorization as a Servic...
New Paradigms of Digital Identity: Authentication & Authorization as a Servic...
Chema Alonso
CritoReto 4: Buscando una aguja en un pajar
CritoReto 4: Buscando una aguja en un pajar
Chema Alonso
Dorking & Pentesting with Tacyt
Dorking & Pentesting with Tacyt
Chema Alonso
Pentesting con PowerShell: Libro de 0xWord
Pentesting con PowerShell: Libro de 0xWord
Chema Alonso
Foca API v0.1
Foca API v0.1
Chema Alonso
Recuperar dispositivos de sonido en Windows Vista y Windows 7
Recuperar dispositivos de sonido en Windows Vista y Windows 7
Chema Alonso
It's a Kind of Magic
It's a Kind of Magic
Chema Alonso
Ingenieros y hackers
Ingenieros y hackers
Chema Alonso
Cuarta Edición del Curso Online de Especialización en Seguridad Informática p...
Cuarta Edición del Curso Online de Especialización en Seguridad Informática p...
Chema Alonso
Auditoría de TrueCrypt: Informe final fase II
Auditoría de TrueCrypt: Informe final fase II
Chema Alonso
El juego es el mismo
El juego es el mismo
Chema Alonso
El Hardware en Apple ¿Es tan bueno?
El Hardware en Apple ¿Es tan bueno?
Chema Alonso
Latch en Linux (Ubuntu): El cerrojo digital
Latch en Linux (Ubuntu): El cerrojo digital
Chema Alonso
Hacking con Python
Hacking con Python
Chema Alonso
Shuabang Botnet
Shuabang Botnet
Chema Alonso
Tu iPhone es tan (in)seguro como tu Windows
Tu iPhone es tan (in)seguro como tu Windows
Chema Alonso
Codemotion ES 2014: Love Always Takes Care & Humility
Codemotion ES 2014: Love Always Takes Care & Humility
Chema Alonso
More from Chema Alonso
(20)
Índice Pentesting con Kali 2.0
Índice Pentesting con Kali 2.0
Configurar y utilizar Latch en Magento
Configurar y utilizar Latch en Magento
Cazando Cibercriminales con: OSINT + Cloud Computing + Big Data
Cazando Cibercriminales con: OSINT + Cloud Computing + Big Data
New Paradigms of Digital Identity: Authentication & Authorization as a Servic...
New Paradigms of Digital Identity: Authentication & Authorization as a Servic...
CritoReto 4: Buscando una aguja en un pajar
CritoReto 4: Buscando una aguja en un pajar
Dorking & Pentesting with Tacyt
Dorking & Pentesting with Tacyt
Pentesting con PowerShell: Libro de 0xWord
Pentesting con PowerShell: Libro de 0xWord
Foca API v0.1
Foca API v0.1
Recuperar dispositivos de sonido en Windows Vista y Windows 7
Recuperar dispositivos de sonido en Windows Vista y Windows 7
It's a Kind of Magic
It's a Kind of Magic
Ingenieros y hackers
Ingenieros y hackers
Cuarta Edición del Curso Online de Especialización en Seguridad Informática p...
Cuarta Edición del Curso Online de Especialización en Seguridad Informática p...
Auditoría de TrueCrypt: Informe final fase II
Auditoría de TrueCrypt: Informe final fase II
El juego es el mismo
El juego es el mismo
El Hardware en Apple ¿Es tan bueno?
El Hardware en Apple ¿Es tan bueno?
Latch en Linux (Ubuntu): El cerrojo digital
Latch en Linux (Ubuntu): El cerrojo digital
Hacking con Python
Hacking con Python
Shuabang Botnet
Shuabang Botnet
Tu iPhone es tan (in)seguro como tu Windows
Tu iPhone es tan (in)seguro como tu Windows
Codemotion ES 2014: Love Always Takes Care & Humility
Codemotion ES 2014: Love Always Takes Care & Humility
Defcon 18: FOCA 2
1.
FOCA 2.5 Chema
Alonso José Palazón «PALAKO»
2.
What our FOCA
is not
3.
What our FOCA
is not
4.
What’s a FOCA?
5.
FOCA on Linux?
6.
Previously on FOCA….
7.
FOCA 0.X
8.
9.
What can be
found?
10.
Pictures with GPS
info..
11.
Demo: Single files
12.
Sample: mda.mil Total:
1075 files
13.
Sample: FBI.gov Total:
4841 files
14.
15.
DNS Prediction
16.
Google Sets
Prediction
17.
Sample: Printer info
found in odf files returned by Google
18.
Demo: Whitehouse.gov
19.
Yes, we can!
20.
FOCA 2.0
21.
22.
FOCA 2.5: Exalead
23.
PTR Scannig
24.
Bing IP
25.
FOCA 2.5 &
Shodan
26.
27.
28.
29.
30.
FOCA 2.5 URL
Analysis
31.
FOCA 2.5 URL
Analysis
32.
Demo: Whitehouse.gov
33.
Yes, we can!
34.
DNS Cache Snooping
35.
FOCA Reporting Module
36.
FOCA Reporting Module
37.
Demo: DNS Cache
Snooping
38.
FOCA Online http://www.informatica64.com/FOCA
39.
IIS MetaShield Protector
http://www.metashieldprotector.com
40.
41.
42.
… and
Tomorrow here at 19:00
43.
Demo: US
Army
Download now