Exploit Kit Cornucopia

Black Hat USA 2017

Presented by: Brad Antoniewicz, Matt Foley
Date: Thursday July 27, 2017
Time: 14:30 - 15:20
Location: South Seas ABE

Detecting the compromised websites, gates, and dedicated hosts that make up the infrastructure used by Exploit Kits involves a variety of creative techniques. In this session, we will detail four approaches to uncovering these systems while explaining the underlying architecture of Exploit Kit networks. We will disclose a vulnerability in the injected code placed on compromised websites and exploit that vulnerability to uncover deeper infrastructure. Finally, we'll introduce a novel approach to obtaining the malware sent via phishing campaigns, which is often the same as the result of an Exploit Kit compromise.

Brad Antoniewicz

Brad Antoniewicz works in Cisco Umbrella's security research group. He is an Adjunct Professor teaching Vulnerability Analysis and Exploitation and a Hacker in Residence at NYU's Tandon School of Engineering. Antoniewicz is also a Contributing Author to both the Hacking Exposed and Hacking Exposed: Wireless series of books.

Matt Foley

Matt Foley is an intern working in Cisco Umbrella's security research group. The primary area of focus for his research has been in exploit kit mitigation. He is also a student at NYU's Tandon School of Engineering where he is pursuing a BS in Computer Science.

