Offensive, Defensive, and Forensic Techniques for Determining Web User Identity
Creator: Zachary Zebrowski
License: Creative Commons: Attribution, Share-Alike
(http://creativecommons.org/licenses/by-sa/3.0/)
Lab Requirements: Access to the internet, a web browser. Author written tools available at http://zak.freeshell.org/course/lab.html
Recommended Class Duration: 1 day
Creator Available to Teach In-Person Classes: Yes
Author Comments:
This course looks at web users from a few different perspectives. First, we look at identifying techniques to determine web user identities from a server perspective. Second, we will look at obfuscating techniques from a user whom seeks to be anonymous. Finally, we look at forensic techniques, which, when given a hard drive or similar media, we identify users who accessed that server.
To submit any suggestions, corrections, or explanations of things I didn't know the reasons for, please email me at the address above.
Part 1 (4:16, 37 MB) - Introduction
Part 2 (10:02, 92 MB) - Characteristics of Internet Connections
Part 3 (17:49, 156 MB) - Offensive - IP Geolocation
Part 4 (31:20, 254 MB) - Offensive - Browser Identification
Part 5 (5:51, 52 MB) - Defensive - Borrowing Wifi Connections
Part 6 (19:39, 146 MB) - Defensive - Shell & Cloud Accounts
Part 7 (24:07, 177 MB) - Defensive - Anonymizers
Part 8 (5:16, 46 MB) - Defensive - Web Browser Privacy Modes
Part 9 (11:54, 101 MB) - Defensive - Email Origin Obfuscation
Part 10 (16:13,129 MB) - Offensive/Defensive - Other Web Browser Attacks/Defenses
Part 11 (33:24, 257 MB) - Forensic: Database Analysis
Part 12 (15:01, 107 MB) - Forensic: Log Analysis
(3:04:52 total, sans lab time)
Revision History:
08-18-2013 - Videos from April 2013 class uploaded
01-07-2012 - Initial class content upload
If you have used and modified this material, we would appreciate it if you submit your modified version for publishing here, so that all versions can benefit from your changes.
