boyska
/
sito-hackit-16


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137
							<!DOCTYPE html>
<html>
  <head>
    <title>Facciamo finta di avere una vita sociale</title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
    <style type="text/css">
      @import url(https://fonts.googleapis.com/css?family=Yanone+Kaffeesatz);
      @import url(https://fonts.googleapis.com/css?family=Droid+Serif:400,700,400italic);
      @import url(https://fonts.googleapis.com/css?family=Ubuntu+Mono:400,700,400italic);

      body { font-family: 'Droid Serif'; }
      h1, h2, h3 {
	      font-family: 'Yanone Kaffeesatz';
	      font-weight: normal;
      }
      .remark-code, .remark-inline-code { font-family: 'Ubuntu Mono'; }
      .inverse {
	      background: #272822;
	      color: #777872;
	      text-shadow: 0 0 20px #333;
      }
      .inverse h1, .inverse h2 {
	      color: #f3f3f3;
	      line-height: 0.8em;
      }

      /* Slide-specific styling */
      #slide-inverse .footnote {
	      bottom: 12px;
	      left: 20px;
      }
    </style>
  </head>
  <body>
    <textarea id="source">

class: center, middle, inverse

## Facciamo finta di avere una vita sociale

Mettiamo dei bot a fare amici al posto nostro

---

layout: false

# Summary

(there's not much, actually)

1. The tools we have
2. The fun I imagine
3. How much is too much?

---

# The tools we have

* Simulating web behaviour with browsers bots
* It's easier than API!
  * we don't need oauth, authorization, etc
  * it's (arguably) more similar to a 'normal' user behaviour

---

## Splinter

A wrapper on selenium (and something else actually) which is an implementation of the webdriver interface.

Which means that... 

```
    from splinter import Browser

    browser = Browser('chrome')
    browser.visit('http://google.com')
    browser.fill('q', 'the answer to life the universe and everything')
    # find the submit buttom by the class atribute and click it
    browser.find_by_css('.lsb').first.click()
    # Note: find_by_css find elements in html using css selectors
    # like we use in a css file
    print browser.find_by_css('#topstuff .std h2').first.value

    browser.quit()
```

---

## Splinter: smilar stuff

There is plenty of similar stuff in your favourite language

---

# The fun I see

* noone is stupid enough to appear as such on twitter
  * not even a bot
* so go making crazy bots everywhere
* is not a new idea: even at hackit0x0F there was something similar
  * but it was based on Facebook API (less stealth) + JS extension (more burden to write)

---

# How much is too much?

Why don't we record everything we see with forensic data management tools? Maltego!

![maltego shot](bot/maltego-small.jpg)

---

# How much is too much?

Why don't we record everything we see with forensic data management tools? Maltego!

È un accrocco in cui tu ci metti i dati che hai raccolto, così li puoi visualizzare in un modo intuititivo.

---

# The fun I see

* scriviamo bot in giro
* vediamo che cosa scoprono
* tipo spettegolare sul quartiere, ma coi quartieri degli altri

    </textarea>
    <script src="remark-latest.min.js">
    </script>
    <script>
var slideshow = remark.create({
    'highlightLanguage': 'python',
    'highlightStyle': 'monokai'
});
    </script>
  </body>
</html>