YoVDO

Tired of Playing Exploit Kit Whack-A-Mole? Let's Automate

Offered By: Security BSides San Francisco via YouTube

Tags

Security BSides Courses Cybersecurity Courses Javascript Courses Malware Analysis Courses Web Security Courses

Course Description

Overview

Explore an innovative approach to detecting and analyzing Exploit Kits (EKs) at scale in this 19-minute conference talk from BSidesSF 2017. Learn about a new technique that utilizes headless browsers equipped with JavaScript and DOM inspectors to crawl the web efficiently. Discover how this method can automate the process of identifying EKs, moving beyond traditional dynamic analysis tools and JavaScript de-obfuscators. Gain insights into the behavior of the latest EKs hiding in plain sight through a proof-of-concept demonstration. Delve into topics such as headless browsers, JavaScript, gate code, decode functions, prototype attributes, plugins, XML DOM, and signatures to enhance your understanding of this automated EK detection approach.

Syllabus

Intro
Headless Browser
JavaScript
Gate
Code
Decode
Function Prototype
Attribute
Plugins
Handles
XML DOM
Signatures
Summary


Taught by

Security BSides San Francisco

Related Courses

Internet History, Technology, and Security
University of Michigan via Coursera Client-Server Communication
Google via Udacity HTTP & Web Servers
Udacity Network Security
Georgia Institute of Technology via Udacity Web Security Fundamentals
KU Leuven University via edX