Mohamed Bedewi

Senior Security Researcher and Penetration Tester (UAE)

Senior Security Researcher and Penetration Tester at DTS Solution with more than 13 years of technical experience, he has worked with sensitive governmental entities, banks, colleges, major telecommunication providers, power and energy providers, transportation authorities, his main area of interest is web application security, SCADA/ICS penetration testing, application exploitation, social engineering and physical security. Expert in almost every operating system, deep and detailed understanding of all 7 OSI Layers, Unix and Linux user with years of in depth technical experience, malicious coder, exploitation ninja and capable of turning a very simple vulnerability into a nightmare, stealthy by default and even if you have the latest security mechanisms in place, you’ll always find him lurking around looking for new vulnerabilities and exploits!

Twitter: https://twitter.com/mbedewi
LinkedIn: https://ae.linkedin.com/in/mbedewi

Building a Weaponized Honeybot

Honeybots are a sophisticated security control which can be used as a stress reliever in case of persistent targeted attacks, to analyze and understand attack patterns to implement proper security controls and sometimes it can be used to put cyber-criminals behind bars.

Honeybots are not widely used because their deployment can be complex and time-consuming also their coverage for web applications is very limited and not sufficient specially when most of the online attacks are targeting web applications and services.

In this presentation I will discuss the process of building a fully weaponized honeybot which can function on both application and network levels, I will also highlight with a live demonstration how it can effectively and robustly decoy, deanonymize, identify, attack and profile malicious users even if they’re behind TOR, VPN or Proxies automatically with zero human interaction.

Presentation @DefCamp 2015