Systems and methods for detecting exploit-kit landing pages

摘要

The disclosed computer-implemented method for detecting exploit-kit landing pages may include detecting an attempt to access a web page via a computing device. The web page may be an unknown landing page of an exploit kit that includes a script that may be used by the exploit kit to access attributes of the computing device that may be used by the exploit kit to select suitable exploit code for compromising the computing device. The disclosed computer-implemented method may further include (1) monitoring one or more behaviors of the script, (2) detecting an attempt by the script to access an attribute of the computing device, (3) determining, based on the attempt to access the attribute, that the web page is likely a landing page of the exploit kit, and (4) performing a security action in response to the determination. Various other methods, systems, and computer-readable media are also disclosed.