
Adversary Village - Operation Bypass Catch My Payload If You Can


Formal Metadata

Title: Adversary Village - Operation Bypass Catch My Payload If You Can
Number of Parts: 84
License: CC Attribution 3.0 Unported
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.

Content Metadata

Abstract
Endpoint Detection and Response (EDR) products have become the punching bags of the security world. Attackers employ sophisticated techniques to circumvent these controls and, as a result, there has been a driving need for defenders to detect and prevent these attacks... but are they sufficient? This talk will go over all the operational considerations and tradecraft theory I've developed over the past few years when evading EDRs and other endpoint controls. It will primarily focus on techniques to ensure command and control servers are not easily detected and contain virtually no Indicators of Compromise. The talk will then deep dive into the inner workings of the EDR bypassing framework ScareCrow, highlighting some of the lesser-known techniques and new features that are available to red teamers and pentesters. By the end of this talk, the audience should walk away with a detailed understanding of how to use ScareCrow and other opsec considerations to avoid being detected by endpoint controls and blue teams.
Transcript: English (auto-generated)