This document discusses automating the detection and analysis of exploit kits by using headless browsers to mimic a real browser and follow redirections through exploit kit landing pages and gates. It proposes using techniques like function hooking, attribute access hooks, and proxy objects to monitor browser interactions and gather artifacts like call stacks, DOM content, and plugin activity. The goal is to quickly replicate how exploit kits operate, trigger any payloads, and extract signatures to help identify known exploit kits and new tactics.