Actions Speak Browser Than Words (Exploiting n-days for fun and profit)
It’s getting increasingly more difficult to write full chain browser exploits, meaning that APTs tend to chain multiple vulnerabilities to get code execution on their targets. When these exploits are caught in the wild, high level details are often released by the defenders and offensive researchers will often try to replicate the exploit themselves. This talk discusses the approach to analyzing two browser n-days from their public descriptions and going from zero to n-day hero.
Level 0, Red Team Village