information assurance

Exploit kits are easy-to-use packages of scripts and exploits that automatically set up a website and deliver malware via a drive-by download. They can be traced back to Russian toolkits in 2006. Over the years, exploit kits have become more numerous and more professionally developed. Most exploit kits now include multiple exploits and a web-based management console that lets the attacker keep track of infected targets.

Many exploit kits have been reported by the security industry.

Choose one exploit kit as a case study. Suggestions include the following:

Exploit Kit Types

- WebAttacker
- Red Kit
- Mpack
- Magnitude
- Angler
- Nuclear
- Fiesta
- Neutrino
- Sweet Orange
- Styx
- Blackhole
- FlashPack
- NuclearPack
- Rig

Please note that actually downloading and using these kits can be risky because they are criminal tools. To answer the questions, you can instead search for descriptions of any kit. Security companies have published descriptions of them, which can be found by searching.

Here are some useful references:

Chen, J., & Li, B. (2015). Evolution of exploit kits [PDF file size 2.2 MB]. Trend Micro. (ATTACHED)
Fossi, M., et al. (n.d.). Symantec report on attack kits and malicious websites [PDF file size 6.1 MB]. (ATTACHED)

Use online resources to write 2-3 pages addressing the following questions for the exploit kit of your choice:

1- How does the exploit kit enable the attacker to set up an attacking website, e.g., by compromising a legitimate website or setting up a malicious website?
2- What exploits are included in the exploit kit?
3- Does the exploit kit include a management console? If so, what is displayed?
