DEF CON 25 Packet Hacking Village – Sam Erb – You're Going to Connect to the Wrong Domain Name

DEF CON 25 Packet Hacking Village – Sam Erb – You're Going to Connect to the Wrong Domain Name

Can you tell the difference between gооgle.com and google.com? How about xn--ggle-55da.com and google.com? Both domain names are valid and show up in the Certificate Transparency log. This talk will be a fun and frustrating look at typosquatting, bitsquatting and IDN homoglyphs. This talk will cover the basics, show real-world examples and show how to use Certificate Transparency to track down particularly malicious impersonating domain names which have valid X.509 certificates.

4 Comments

  1. Matthieu Honel on November 19, 2021 at 11:27 am

    Interesting talk but this guy needs to make an effort to not say "uuuuh" every 5 seconds.

  2. Xaeravoq on November 19, 2021 at 11:43 am

    every other word is um or uh. very hard to listen to.

  3. cryptearth on November 19, 2021 at 11:52 am

    maybe someone should had told him about how to pronounce the word cyrillic the right way

  4. kjenbje on November 19, 2021 at 12:18 pm

    ehm……ehm…..eh…….ehm……eh……

Leave a Comment