Windows Offender: Reverse Engineering Windows Defender's Antivirus Emulator
In this presentation, we'll look at Defender's emulator for analysis of potentially malicious Windows PE binaries on the endpoint. To the best of my knowledge, there has never been a conference talk or publication on reverse engineering the internals of any antivirus binary emulator before.
By Alexei Bulazel
Full abstract and materials: https://www.blackhat.com/us-18/briefings/schedule/#windows-offender-reverse-engineering-windows-defenders-antivirus-emulator-9981
Video: Windows Offender: Reverse Engineering Windows Defender's Antivirus Emulator, from the Black Hat channel