YoVDO

Tired of Playing Exploit Kit Whack-A-Mole? Let's Automate

Offered By: Security BSides San Francisco via YouTube

Tags

Security BSides Courses Cybersecurity Courses Javascript Courses Malware Analysis Courses Web Security Courses

Course Description

Overview

Explore an innovative approach to detecting and analyzing Exploit Kits (EKs) at scale in this 19-minute conference talk from BSidesSF 2017. Learn about a new technique that utilizes headless browsers equipped with JavaScript and DOM inspectors to crawl the web efficiently. Discover how this method can automate the process of identifying EKs, moving beyond traditional dynamic analysis tools and JavaScript de-obfuscators. Gain insights into the behavior of the latest EKs hiding in plain sight through a proof-of-concept demonstration. Delve into topics such as headless browsers, JavaScript, gate code, decode functions, prototype attributes, plugins, XML DOM, and signatures to enhance your understanding of this automated EK detection approach.

Syllabus

Intro
Headless Browser
JavaScript
Gate
Code
Decode
Function Prototype
Attribute
Plugins
Handles
XML DOM
Signatures
Summary


Taught by

Security BSides San Francisco

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network