2024-07-20 –, Track 2
The session will go over techniques for bypassing the different types of defences you may encounter during engagements. We'll also briefly discuss the architecture, design, and flaws of these defences, and why a successful reverse shell isn't always a measure of success.
A brief overview of the topics:
- Classic vs modern defences: a move towards detection engineering and threat hunting, individual offensive research vs multimillion-dollar research teams
- Microsoft's attempts to aid in security: Driver Signing Enforcement, SmartScreen, User Account Control, Protected Process Light, etc. (They are trying their best.)
- Talking about AMSI, AV, and EDR and touching on their architecture, design, and bypass techniques, then going one step further to see what trails these attacks leave behind.
Always has time for a meme, but never has time for in-person interaction. I like spending weekends and free time building tools and researching malware. Ask me to do a CTF and I will ask you if I can go home.