Overview
Explore the world of cyber threats in this 46-minute conference talk from BSidesLV 2015. Delve into the intricacies of Angler Exploit Kits and domain shadowing techniques. Learn about the assembly line of cyber attacks, user compromise methods, and Angler's innovative approaches. Examine real-world examples, including the Kevin Spann NetCore Domain case. Understand the significance of domain shadowing, its fishing techniques, and the reasons behind domain registrations. Analyze URL and exploit structure changes, payload delivery methods, and detection strategies. Gain valuable insights into random domain generation and exploit kit hunting pro tips. Enhance your cybersecurity knowledge with this comprehensive overview of Angler's lurking threats in the domain shadows.
Syllabus
Introduction
Overview
Assembly Line
How do users get compromised
Anglers innovation
Angler exploits
Zeroday campaigns
Domains
Kevin Spann Net
Core Domain
Domain Tools
What I Found
Domain Shadowing
How Big of a Deal
Fishing
Why Register
Domain Shadows
Landing Page Nanigans
URL Structure Changes
Exploit Structure Changes
Payloads
Detection
Random Domains
Exploit Kit
Hunting Pro Tip
Angler Exploit Kits
Questions