Classroom Contents
Demystifying Modern Windows Rootkits
- 1 Intro
- 2 What Is This Talk About?
- 3 Windows Rootkits: An Overview
- 4 Example: Treatment by Anti-Virus
- 5 Abuse Legitimate Drivers
- 6 Just Buy a Certificate!
- 7 Abuse Leaked Certificates
- 8 Beacon Out to a C2
- 9 Open a Port
- 10 Application Specific Hooking
- 11 Choosing a Communication Method
- 12 Abusing Legitimate Communication
- 13 Hooking the Windows Winsock Driver
- 14 Standard Methods of Intercepting IRPs
- 15 Hook a Driver's Dispatch Function
- 16 Abusing the Network
- 17 Parsing Packets: Design
- 18 Parsing Packets: Pre-Processing
- 19 Parsing Packets: Processing
- 20 Parsing Packets: Dispatching
- 21 Packet Handlers: XorPacketHandler
- 22 Executing Commands: User-mode
- 23 Executing Commands: Kernel-mode
- 24 Introduction to Mini-Filters
- 25 Become a Mini-Filter
- 26 Hook a Mini-Filter: Code Hook
- 27 Example: Abusing a Mini-Filter