CONFidence 2021: Malware development for advanced adversary simulation- Patryk Czeczko, Paweł Kordos
Advanced adversaries don't solely rely on available C&C frameworks and offensive tools - they craft custom, unique software that evades detections and covertly penetrate infected network. To stay ahead of the game and be able to simulate actual threat actors it's necessary to brush up on development skills while diving deep into malware TTPs.
During the talk we will demonstrate common techniques used by malicious software and leveraged by red/purple teams during adversary simulations, including: AV/EDR evasion, code injection, anti-sandbox and anti-debug techniques, polymorphic malware, dynamic API resolving, function unhooking and more.
Whether you are a red/purple teamer interested in custom tooling development or a defender who wants to understand how advanced malware operates you will surely find this topic interesting.
Website: https://confidence-conference.org
Facebook: https://www.facebook.com/confidence.conference
Twitter: https://twitter.com/confidenceconf
Видео CONFidence 2021: Malware development for advanced adversary simulation- Patryk Czeczko, Paweł Kordos канала PROIDEA Events
During the talk we will demonstrate common techniques used by malicious software and leveraged by red/purple teams during adversary simulations, including: AV/EDR evasion, code injection, anti-sandbox and anti-debug techniques, polymorphic malware, dynamic API resolving, function unhooking and more.
Whether you are a red/purple teamer interested in custom tooling development or a defender who wants to understand how advanced malware operates you will surely find this topic interesting.
Website: https://confidence-conference.org
Facebook: https://www.facebook.com/confidence.conference
Twitter: https://twitter.com/confidenceconf
Видео CONFidence 2021: Malware development for advanced adversary simulation- Patryk Czeczko, Paweł Kordos канала PROIDEA Events
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
PLNOG23 - Marcin Samułek & Jakub Mroziński - Kubernetes as a Service
CONFidence 2015 - making of!
PLNOG15 - ICT Superhero
PLNOG Online 2: Jak zrozumieć bezpiecznika? (Piotr Głaska)
PLNOG 18 - RELACJA Video
DevOpsDays Warsaw 2019 - Victoria Almazova - Best practices for securing CI/CD pipeline
PLNOG22 - Rafał Wiosna - free.polbox.pl – pierwszy serwis darmowych kont pocztowych, wczoraj i dziś
JDD Online: Ports and Adapters (Dominik Przybysz)
4Developers 2015: Wywiad ze Sławkiem Sobótką
JDD2014: What you won't read in books about implementing rest services (J. Kubryński)
PLNOG15 - Recap
CONFidence 2014: Protecting Big Data at Scale - Davi Ottenheimer
4Developers 2015 - making of
JDD 2016 Recap!
HackYeah 2018: official aftermovie
HackYeah 2021 - The Official Aftermovie
OMH 2021: Służby, wpadki i OSIntowe kwiatki - Kamil Goryń
4Developers Online: Dawid Mazur, Błędy, które popełniłem w pracy z legacy code i jak je naprawić
PLNOG4 - Marcin Kuczera - Jak wyrzuciliśmy wszystkie linuxy, czyli centralny BRAS
Szymon Sidoruk: POKONALIŚMY SMISHING JEDNYM PODPISEM - ZOBACZ JAK █▬█ █ ▀█▀ | OMH 2023