CONFidence 2021: Malware development for advanced adversary simulation - Patryk Czeczko, Paweł Kordos
Advanced adversaries don't rely solely on available C&C frameworks and offensive tools - they craft custom, unique software that evades detection and covertly penetrates the infected network. To stay ahead of the game and be able to simulate actual threat actors, it's necessary to brush up on development skills while diving deep into malware TTPs.
During the talk we will demonstrate common techniques used by malicious software and leveraged by red/purple teams during adversary simulations, including: AV/EDR evasion, code injection, anti-sandbox and anti-debug techniques, polymorphic malware, dynamic API resolving, function unhooking and more.
Whether you are a red/purple teamer interested in custom tooling development or a defender who wants to understand how advanced malware operates, you will surely find this topic interesting.
Website: https://confidence-conference.org
Facebook: https://www.facebook.com/confidence.conference
Twitter: https://twitter.com/confidenceconf
Video: CONFidence 2021: Malware development for advanced adversary simulation - Patryk Czeczko, Paweł Kordos, from the PROIDEA Events channel