Found a copy of Jose Nazario CanSecWest presentation where he talks about detecting JavaScript malware. Actually, he is talking about how to manually reverse engineer JavaScript encoders that drop traditional sploits. Interesting, but too primitive to turn into an automated process to stop the JavaScript malware John and I are talking about at BlackHat. |