Explore the evolution and inner workings of modern document exploit kits in this 40-minute conference talk from BSidesLV 2019. Delve into an in-depth analysis of ThreadKit and VenomKit, examining their infection chains and campaign examples. Gain insights into various exploitation techniques, including compound moniker logic exploits, composite moniker OLE objects, and scriptlet examples. Investigate buffer overflow exploits in Equation Editor and font records, as well as Adobe Flash use-after-free vulnerabilities. Learn about the adoption of red team techniques and understand the key takeaways for defending against these sophisticated threats.