The Web is a Terrible Place: the forensics of phishing, tracking, and ad-tech with Lookyloo

Back to the list of Speakers and Sessions

It will be news to nobody that websites are getting more complex, and this complexity is exploited by attackers setting up malicious websites to trick the users into giving private information on phishing websites. Also, ads networks and tracking systems are proliferating faster than anyone can keep up, even the people running the sites they appear on. The complexity of the technologies used on websites makes any accountability nearly humanely impossible. We developed [Lookyloo](https://www.lookyloo.eu/docs/main/index.html) to help people to understand what really happen on websites, and this is what we found.

The complexity of websites is making extremely difficult for an analyst to investigate what is going on on a simple phishing website loading a few resources, it is barely doable on websites embedding ads content and loading sometimes over a thousand URLs in a few seconds, before the user has time to do anything, and give any kind of consent as required by laws like GDPR or CCPA.

In order to assist analysts to investigate a website, we developed Lookyloo. The goal is to help analysts, sysadmins, investigators and ever the odd lawyer or two, by allowing lookyloo users to control as many parameters (user agent, cookies, referers) as possible in order to compare captures over time.


Raphaël Vinot ,

Raphaël is a member is the Computer Incident Response Center Luxembourg, and developed or participated to the development of a lot of tools in order to support incident response. He's also explaining how the internet works to kids and adults on a regular basis, even if he's been doing that a bit less over the last year...