Exploit Kit Shenanigans: They’re Cheeky!

Presented at BSidesLV 2015, Aug. 4, 2015, 2 p.m. (235 minutes)

The "Exploit Kit Shenanigans: They're Cheeky!" workshop will consist of attendees pulling apart a few exploit kits to understand how they work at a low level. This will be an intermediate-level workshop, developed for people familiar with running Linux commands (we'll be using REMnux) and those whom can learn new tools quickly (we'll be using a bevy of tools, including the likes of Immunity Debugger). I LOVE analyzing exploit kits, and I cannot wait to show others how to review an exploit kit's real intent. We would begin by grabbing some samples off VirusTotal (pre-selected of course), work to deobfuscate the threats, cover how the actual exploits work, and then analyze the relevant shellcode in a debugger.

Presenters:

• Ryan Chapman - Computer Incident Response Analyst - Bechtel Corporation
  Ryan Chapman works as an incident response analyst for Bechtel Corporation. Ryan enjoys the challenge of handling incidents, reversing malware, and automating tasks for the security operations center. He also loves public speaking and has presented at venues such as BSides, CactusCon, Splunk .Conf, and others. Ryan has a fondness for doing stand-up comedy, retro gaming, and plays plenty of Street Fighter. Hadouken!

Links:

• https://bsideslv2015.sched.com/event/3ufD/exploit-kit-shenanigans-theyre-cheeky

Similar Presentations:

• Black Hat Europe 2014 / PDF Attack: A Journey from the Exploit Kit to the Shellcode
• Black Hat Asia 2014 / PDF Attack: A Journey From the Exploit Kit to the Shellcode
• Black Hat USA 2017 / Exploit Kit Cornucopia