Tales of AV/EDR Bypass - Double Feature w/ Greg Hatcher & John Stigerwalt
Published 29 Aug 2024
www.antisyphon...
Join us for an hour of insights and expertise with two outstanding instructors, as they deliver a pair of captivating presentations back-to-back in this week's live Antisyphon Anti-cast.
Presentation One: Tales of AV/EDR Bypass: Overcoming Detection with Compilers w/ John Stigerwalt
- Compiler tactics for bypassing AV and EDR safeguards.
- Cobalt Strike payloads' potential to evade security measures.
- Compilers like Clang++, LLVM, and G++ in security strategies.
Presentation Two: Tales of AV/EDR Bypass: Using ROP to Call Windows APIs w/ Greg Hatcher
- Evolution of shellcode loaders and AV/EDR detection.
- Exploring Windows callbacks within thread pools.
- Learning to call Windows APIs using ROP gadgets.
- Understanding the limitations of current detection mechanisms.
Show up early for the pre-show banter! Chat with your fellow attendees in the #webcast-livestreams channel of the Antisyphon Discord server.