Stegospolit - Exploit Delivery With Steganography and Polyglots

by Saumil Shah

"A good exploit is one that is delivered with style."

Stegosploit creates a new way to encode "drive-by" browser exploits and deliver them through image files. These payloads are undetectable using current means. This talk discusses two broad underlying techniques used for image based exploit delivery - Steganography and Polyglots. Drive-by browser exploits are steganographically encoded into JPG and PNG images. The resultant image file is fused with HTML and Javascript decoder code, turning it into an HTML+Image polyglot. The polyglot looks and feels like an image, but is decoded and triggered in a victim's browser when loaded. The Stegosploit Toolkit v0.3, to be released with improvements upon existing v0.2, contains the tools necessary to test image based exploit delivery.

Stegospolit - Exploit Delivery With Steganography and Polyglots blackhat 2015
110 Likes	110 Dislikes
7,965 views views	117K followers
People & Blogs	Upload TimePublished on 5 Mar 2016

Related keywords

1. infosec news
2. information security manager
3. blackhat asia 2019
4. blackhat 2019
5. infosec twitter
6. blackhat 2018
7. black hat seo technique
8. blackhat europe
9. blackhat badger sekiro
10. black hat x reader
11. black hat cartoon
12. black hat x dr flug
13. cyber securityとは
14. blackhat conference 2019
15. cyber security cloud
16. black hat full movie
17. blackhat badger
18. blackhat forum
19. information security foundation 勉強
20. infosec rotkreuz
21. cyber security framework
22. information security policy template
23. infosecurity utrecht
24. infosec ups system
25. cyber security news
26. cyber security act
27. infosecurity
28. blackhat full movie
29. infosec blog
30. black hat badger
31. information security foundation 参考書
32. information security management system
33. cyber security conference
34. black hat seo
35. cyber security pro
36. black hat movie
37. blackhat imdb
38. infosec podcast
39. black hat cast
40. cyber security pro 新しいネットワークが検出されました
41. cyber security cloud managed rules
42. cyber security measures
43. information security governance
44. infosec global
45. infosecurity europe 2020
46. infosec health
47. infosec magazine
48. information security 日本語
49. infosec 19
50. black hat anime
51. information security foundation
52. infosecurity magazine
53. cyber security tokyo
54. black hat meaning
55. black hatch
56. information security definition
57. information security pdf
58. infosec europe 2019
59. cyber security market
60. infosec institute
61. infosec 2019 london
62. information security foundation 難易度
63. black hatch gamefowl
64. cyber security management system
65. information security certifications
66. blackhat film
67. cyber security pro アンインストール
68. information security specialist
69. cyber security 意味
70. cyber security analyst
71. information security policy
72. black hat usa 2019
73. information security forum
74. information security news
75. infosec conferences
76. information security officer
77. infosekta
78. cyber security japan
79. blackhat trailer
80. information security analyst
81. cyber security university
82. black hat hacker
83. black hat forum
84. cyber security company
85. black hat hacking
86. black hat villainous
87. blackhat conference
88. information security foundation based on iso/iec 27001
89. blackhat usa
90. cyber security report
91. blackhatworld
92. black hat x demencia
93. information security management
94. blackhat cast
95. black hat 2019
96. infosec reactions