Explore the world of web exploit toolkits in this 42-minute Black Hat USA 2012 conference talk. Dive deep into popular exploit kits like Blackhole and Phoenix, as well as emerging players from Asia. Gain insights into kit construction, shellcode analysis, obfuscation techniques, and exploit patterns. Learn about data harvesting methods and current trends in cybercriminal tactics. Examine pricing models, control panels, and JavaScript obfuscation techniques used by various exploit kits. Understand the timeline of significant events in 2011 and their impact on the exploit kit landscape. Discover how exploit kits leverage Java Rhino, DNS generation, and anti-calling mechanisms. Compare statistics and features across different exploit kits, including YangPack, SweetOrange, and Nuclear Pack. Equip yourself with knowledge to better comprehend and combat web-based threats in this comprehensive overview of the state of web exploit toolkits.
Overview
Syllabus
Introduction
HP DV Labs
Muleta
Pricing
KV Securities Blog
How Exploit Kits Work
Blackhole
Timeline of 2011
Trend Micro paper
Blackhole Control Panel
Java Rhino
Reddit
Control Panel
JavaScript
Shellcode
IP sched
DNS generation
Phoenix
Phoenix Statistics
Phoenix obfuscations
Other exploit kits
YangPack
SweetOrange
General Statistics
Nuclear Pact
Anti Calling
Conclusion
Questions
Taught by
Black Hat
