Learn, hack!

Hacking and security documentation: slides, papers, video and audio recordings. All in high-quality, daily updated, avoiding security crap documents. Spreading hacking knowledge, for free, enjoy. Follow on .

Targeted attacks: from being a victim to counter attacking

browser, exploiting, malware, malware analysis
Andrzej Dereszowski
Black Hat EU 2010
Indexed on
Mar 26, 2013
File name
File size
1.4 MB

This presentation is an analysis of a common sort of targeted attacks performed nowadays against many organizations. As it turns out, publicly available remote access tools - RAT (which we usually call trojans) are frequently used to maintain control over the victim after a successful penetration. The presentation and the white paper do not focus on a particular exploitation techniques used in these attacks. Instead, they aim to get a closer look at one of the most popular remote access trojans. The presentation describes a way to figure out which particular trojan has been used. It shows the architecture, capabilities and techniques employed by developers of the identified trojan, including mechanisms to hide its presence in the system, and to cover its network trace. It speaks about tools and techniques used to perform this analysis. Finally, it presents a vulnerability analysis and a proof of concept exploit to show that the intruders could also be an object of an attack.

About us

Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.


Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.


To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.

Flattr this Click here to lend your support to: Keep live SecDocs for an year and make a donation at www.pledgie.com !