JavaScript is a powerful language and is ubiquitous – in fact RedMonk rates it as the #1 most popular programing language in the world.
Load a web page and your computer starts executing the JavaScript embedded within. Sound dangerous? Of course it is, and browser makers have tried hard to make it secure by keeping the code within its sandbox. In this webinar, we’ll look at what happens when it gets out.
But JavaScript goes beyond browsers. Lots of other applications and document types support JavaScript besides just browsers and web pages including:
- PDF files
- Email clients
- Word processing applications
- Server-side apps
- Modern Windows apps
In this real training for free event, I’ll show you several different forms of malicious JavaScript such as:
- Malicious PDF example
- Malicious .js file email attachment
- Malicious Javascript used in common MITM scenarios
How do you analyze malicious JavaScript? We'll discuss locating and extracting suspicious code, deobfuscating it and watching it execute in a safe environment that you may come across during a security investigation.
You can gain valuable information from JavaScript that can then feed other investigation outputs such as YARA rules, openIOC rules and other signatures. The emphasis should be on outputs for continual detection purposes or expanding your investigation scope – as in “Has anyone else on my network been affected?”
DomainTools is our sponsor and Tarik Saleh will show you how their technology works hand-in-hand with threat hunting techniques.
Please join us for this real training for free session.