Detecting Malice with Puppeteer

This talk is going to be about some of the ideas and code samples I was playing with to use Puppeteer scripts as canaries for malicious behavior and leaks. As this is also tied to my research on attack-aware web applications, I will give a brief introduction on this and explain how a client-based detection approach, which sees the things from a users perspective, can complement server-side attack-awareness techniques.