What is a watering hole attack, how do they work and what can you do to defend against them? Find out in this watering hole walkthrough from Infosec Principal Security Researcher Keatron Evans.
How does a watering hole attack work?
Watering hole attacks are one of the most dangerous cybersecurity issues because victims can be compromised simply by visiting a legitimate website. In this episode of Cyber Work Applied, Keatron walks through a real watering hole attack example. Watch the full walkthrough below:
How to carry out a watering hole attack | Free Cyber Work Applied series
New episodes of Cyber Work Applied are released every other week. Check out the full collection of free Cyber Work Applied training videos.
Watering hole attack example and walkthrough
The edited transcript of Keatron’s watering hole attack walkthrough is provided below, along with a portion of the code he uses.
Watering hole attack demo overview
(0:00–0:44) We’re going to look at how to go step by step through a watering hole attack. We’ll configure it, set it up and watch the results of what happens when an unknowing victim comes and visits the site after someone’s set up a watering