Clip 1/4 Speaker: Blake Hartstein Attackers using web exploits are always improving their attacks to make them more effective at exploiting the victim, avoiding detection, and generally making attacks difficult for researchers to understand. While anti-virus products often try to detect malicious content by applying filters and finding hidden content, they generally do not help researchers because the only output they produce is a name indicating whether a file is malicious. Jsunpack-n reports vulnerabilities that attackers target and full information of decodings. Jsunpack-n contains many unique improvments to last year’s 2009 introduction of jsunpack at Shmoocon, most notably these include: release of full source code, the ability to use jsunpack-n to actively monitor network traffic (interface/packet capture file), detection of malicious content using both customizable rules and built-in detection mechanisms, pdf and swf decoding modules, and tree structures and URL tracking mechanisms. For more information and the presentation slides go to: bit.ly