Saturday from 14:00 – 15:50 in Sunset 6 at Planet Hollywood
Audience: Offensive Security, AppSec Emmanuel Law & Claudio Contin

This presentation is focused around Shadow Workers, a tool that came out of our research on service workers. Service Workers are a new addition to modern browser and often used to extend offline capabilities to a website. With this tool, we weaponized service workers to include the ability to implant a pseudo backdoor in the browser and ghost through a victim's browser session to sniff, manipulate, and even proxy data silently. We'll demo the various persistence mechanisms our tool provides to keep service workers alive and demo how MITM can be done at the browser layer.

https://github.com/shadow-workers/shadow-workers

Emmanuel Law
Emmanuel Law (@libnex) is currently a security engineer in the Bay Area. He spends his free time researching news ways to break stuff and has presented at various international conferences such as Black Hat Arsenal, Ruxcon, Kiwicon, Troopers etc.

Claudio Contin
Claudio Contin (@claudiocontin) is a security consultant with ZX Security in Wellington, New Zealand. Before working in security, he spent several years developing web applications. He has presented at Bsides SF, Kiwicon and OWASP conferences. During his free time, he contributed to various open-source projects such as BEeF framework and Gophish.