Published on March 19th, 2012 | by NJ Ouchn0
Blackhat Amsterdam 2012 : ToolsTube with James Forshaw on CANAPE v1.0
Citrix ICA is a complex multi-layered protocol which uses multiplexed frames, compression and encryption over a single TCP connection. Rather than creating a complete bespoke program to proxy and manipulate the traffic, CANAPE can be used to provide the networking, parsing and fuzzing infrastructure to significantly reduce development effort.
Michael Jordon is a Principal Consultant at Context Information Security and has 11 years experience within the IT security and software development industry. Michael developed the Context App Tool (CAT) which is a web application security tool for performing manual application assessments. He has presented at various conferences including InfoSec, OWASP and RuxCon. He has also released advisories in software products including Sophos, Citrix and Outlook web access and released a whitepaper on ‘Assessing Cloud Node Security’.
James is a principal consultant at Context Information Security Limited; a UK based security consultancy firm with a presence in Australia through our Melbourne office. He has been involved with computer hardware and software security for almost 10 years with a skill set which covers the bread and butter of the security industry such as application testing, through to more bespoke product assessment, vulnerability analysis and exploitation. He is also the developer of the CANAPE tool being presented at Black Hat.
He has presented at a number of conferences included Chaos Computer Congress and Ruxcon.