Ask web browser attack detection

俺是新来的

The requirement is to intercept packets, analyze communication protocols, and detect attacks against Web browsers.
My current program has been able to intercept the package and get the meaning of the fields of the package, but I don't know what kind of characteristics are the signs of attacking the web browser, I hope you masters.

俺是新来的

It ’s okay if the function is simple. The key is that there is no idea now.

wzqiiiiii

In my opinion, it is better to target the web browser attack against the system. The browser is just a springboard. Like installing some ActiveX controls (rogue software, etc.) in the background, modifying system files, or injecting malicious code (virus Trojans, etc.), you can think of so much.

sh280303120

Detect attacks against web browsers
------------
Are browser attacks useful? Web servers

gameyum

ActiveX is more popular. . . .
Expressing concern ~~

俺是新来的

Browser attacks now should be said to be a new trend. Rogue software and account theft should belong to this category. Hehe, of course, this is actually a job requirement, so I ca n’t change anything, so I want to explore What can you do after grabbing the package to find some signs of attack? For example, the initial thoughts include reorganizing the HTML file to analyze the scripting language inside it, and the analysis of ActiveX. I don't know if it is feasible.

sh280303120

Rogue software and account theft should be different from the packet capture you said

Rogue software and account theft are proactively obtaining information
Capture is passive

Restructure the HTML file to analyze the scripting language inside, and ActiveX
-------------------------
The data that you capture is also downloaded from the server is normal, unless there is a problem with the server itself, this should not be your purpose