Exploit kits are easy-to-use packages of scripts and exploits that automatically set up a website and deliver malware via a drive-by download. They can be traced back to Russian toolkits in 2006. Over the years, exploit kits have become more numerous and more professionally developed. Most exploit kits now include multiple exploits and a web-based management console for the attacker to keep track of infected targets.
Many exploit kits have been reported by the security industry.
Choose one exploit kit as a case study. Suggestions include the following:
Exploit Kit Types
WebAttacker
Red Kit
Mpack
Magnitude
Angler
Nuclear
Fiesta
Neutrino
Sweet Orange
Styx
Blackhole
FlashPack
NuclearPack
Rig
Please note that actually downloading and using these kits can be risky because they are criminal tools. To answer the questions, you can search for descriptions of any kit yourself; security companies have published descriptions of them, which can be found by searching.
Here are some useful references:
Chen, J., & Li, B. (2015). Evolution of exploit kits [PDF file size 2.2 MB]. Trend Micro. (ATTACHED)
Fossi, M., et al. (n.d.). Symantec report on attack kits and malicious websites [PDF file size 6.1 MB]. (ATTACHED)
Use online resources to write 2-3 pages addressing the following questions for the exploit kit of your choice:
1- How does the exploit kit enable the attacker to set up an attacking website, e.g., by compromising a legitimate website or setting up a malicious website?
2- What exploits are included in the exploit kit?
3- Does the exploit kit include a management console? If so, what is displayed?