Overview
Explore four innovative approaches to uncovering compromised websites, gates, and dedicated hosts that form the infrastructure of Exploit Kits in this 45-minute Black Hat conference talk. Delve into the underlying architecture of Exploit Kit networks while learning about detection techniques such as Vagrant, FilterProxy Network, Browser Scraper, and Decoder. Discover the intricacies of data visualization, backdoor hashing, user ID analysis, and post-data examination. Gain insights into brute force methods, email honeypots, disposable mailboxes, and the concept of "The Magic Address." Enhance your understanding of Exploit Kits and their detection through this comprehensive presentation by Brad Antoniewicz and Matt Foley.
Syllabus
Intro
Introductions
Agenda
Background
Michelle
NYC Running Mama
Exploit Kit
Exploit Kit Tracker
Detecting Exploit Kits
Vagrant
Filter
Proxy Network
Browser Scraper
Decoder
Squid Proxy
What to scrape
Hitless
Lambda
Data Visualization
Backdoor
Hash
User IDs
Post Data
Brute Force
Email honey pots
Disposable mailbox
Mail Runner
lacedmailcom
Exploit Kits
The Magic Address
Overwrite
Recap
Taught by
Black Hat