Presentation Material

Abstract

This talk is put together with bits and pieces of my research in advanced exploit delivery mechanisms. What you see on your browser may not always be a pretty picture. In this talk, we explore how images can be used as active exploits. By shifting evil payloads to images, it is possible to defeat even the most sophisticated systems of threat detection. We shall see how exploits can be encoded in image pixels, executing Javascript through images, and lastly how vector images are being used in browser heap memory manipulation.