Explore a powerful new tool for detecting Flash Player zero-day attacks in the wild across various channels in this 17-minute Black Hat conference talk. Gain insights into the shift of attack targets from Java and IE to Flash Player in 2015. Learn effective methods for obtaining flash samples from diverse sources and identifying zero-day vulnerabilities within large datasets. Discover the implementation of an advanced Flash detector with low false-positive rates. Delve into topics such as intelligence gathering, detection flow, object import techniques, improved APD behaviors, and OCX loading. Witness a live demonstration showcasing the tool's capabilities in identifying and analyzing potential Flash Player exploits.
New Tool for Discovering Flash Player 0-Day Attacks in the Wild from Various Channels
Overview
Syllabus
Introduction
Who am I
Background
Problems
Sources
Intelligence
Advanced Flash Detector
How to Implement AFED
Detection Flow
GIDHook
WorkCreating
Detection
Object import
Improved APD
Behaviors
OCX Loading
TC Reference
Demo
Taught by
Black Hat
