Logan Kroeger
I am a computer engineer who is a self-motivated and disciplined individual impassioned by cybersecurity and technology. I'm a hard worker and willing to go the extra mile because I am ambitious, eager to succeed and always enthusiastic to learn. I take pride in what I do and see myself as being conscientious and diligent, with a good work ethic. I am proactive, innovative and "think outside the box".
I have a passion for performing red team exercises, namely simulating real-world advanced cyberattacks where I can employ the latest tactics, techniques and procedures to execute on attacker goals whilst remaining undetected, with the aim of identifying security weaknesses and areas where change can be implemented to enhance security practices.
Session
Modern Endpoint Detection and Response (EDR) solutions present one of the toughest challenges for red teamers and offensive tool developers. This talk showcases a methodology used to adapt an open-source shellcode loader to bypass a modern EDR solution. Rather than showcasing a novel evasion technique destined to be signatured, the focus is on a reproducible approach to evading both static and behavioural detections.
Attendees will gain insight into the full chain of the bypass methodology:
* Identifying static signatures on disk
* Modifying loader behaviour to evade runtime detection
* Iterative testing and validation
* Applying this workflow to other public offensive tooling
