From EK to DEK - An Analysis of Modern Document Exploit Kits

Offered By: BSidesLV via YouTube

Tags

Security BSides Courses, Cybersecurity Courses, Buffer Overflow Courses

Course Description

Overview

Explore the evolution and inner workings of modern document exploit kits in this 40-minute conference talk from BSidesLV 2019. Delve into an in-depth analysis of ThreadKit and VenomKit, examining their infection chains and campaign examples. Gain insights into various exploitation techniques, including compound moniker logic exploits, composite moniker OLE objects, and scriptlet examples. Investigate buffer overflow exploits in Equation Editor and font records, as well as Adobe Flash use-after-free vulnerabilities. Learn about the adoption of red team techniques and understand the key takeaways for defending against these sophisticated threats.

Syllabus

Intro
DOCUMENT EXPLOIT KITS
THREADKIT AND VENOMKIT
THREADKIT CAMPAIGN EXAMPLE
OLE OVERVIEW
THREADKIT INFECTION CHAIN EXAMPLE
VENOMKIT INFECTION CHAIN EXAMPLE
COMPOUND MONIKER LOGIC EXPLOIT
COMPOSITE MONIKER OLE OBJECT
SCRIPTLET EXAMPLE
EQUATION EDITOR BUFFER OVERFLOW EXPLOITS
FONT RECORD BUFFER OVERFLOW
LOGFONT BUFFER OVERFLOW
ADOBE FLASH UAF - UAF TRIGGER
RED TEAM TECHNIQUE ADOPTION
CONCLUSION & TAKEAWAYS
ACKNOWLEDGEMENTS


Taught by

BSidesLV
