Browser Exploits - Grab Them by the Collar

Explore a cutting-edge browser exploit detection technique in this conference talk from BruCON Security Conference. Delve into the world of Advanced Persistent Threats (APT) and their impact on web browsers, focusing on the growing attack surface. Learn about TCP Live Stream Injection, a method historically abused by Internet Service Providers and router vendors to intercept HTTP traffic and inject arbitrary data. Discover how this same technique can be repurposed to create a generic, agent-less browser exploit detection system. Understand the advantages of this approach over traditional Host Based Intrusion Prevention Systems, including its ability to detect and block browser exploits without requiring OS API hooking, DLL injection, or code injection in the browser process.

BruCON 0x09 - Browser Exploits? Grab them by the… collar! - Debasish Mandal