Save 40% on Coursera Plus Annual

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Tired of Playing Exploit Kit Whack-A-Mole? Let's Automate

Security BSides San Francisco via YouTube

Start learning Write review
Coursera Ad

Save 43% on 1 Year of Coursera Plus

Learn More → Boot.dev Ad

Learn Backend Development Part-Time, Online

Learn More →

Overview

Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore an innovative approach to detecting and analyzing Exploit Kits (EKs) at scale in this 19-minute conference talk from BSidesSF 2017. Learn about a new technique that utilizes headless browsers equipped with JavaScript and DOM inspectors to crawl the web efficiently. Discover how this method can automate the process of identifying EKs, moving beyond traditional dynamic analysis tools and JavaScript de-obfuscators. Gain insights into the behavior of the latest EKs hiding in plain sight through a proof-of-concept demonstration. Delve into topics such as headless browsers, JavaScript, gate code, decode functions, prototype attributes, plugins, XML DOM, and signatures to enhance your understanding of this automated EK detection approach.

Syllabus

Intro
Headless Browser
JavaScript
Gate
Code
Decode
Function Prototype
Attribute
Plugins
Handles
XML DOM
Signatures
Summary

Taught by

Security BSides San Francisco

Reviews

Start your review of Tired of Playing Exploit Kit Whack-A-Mole? Let's Automate

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.