Automated ActiveX Exploitation with COMikazi

This October i will be presenting at the Tulsa Tech Fest www.tuslatechfest.com . I will be presenting on a new tool currently in development at Bastard Labs called COMikazi. COMikazi is basically what you get when you cross a webcrawler that actively searches for new COM objects on the Internet and a ActiveX fuzzer designed to find security bugs in ActiveX controls. But we couldnt leave it there so we took it a step further and Created an Automatic Exploit Generator that will take the security vulnerabilities found by COMikazi and Automatically Generate working metasploit exploit modules for those security vulnerabilities :). yes thats right with one click COMikazi will scour the Internet looking for vulnerable code and when found automatically pump out 0day exploit modules. thats how we roll at blabs :) Automatic Exploit Generation FTW


ri0t