Demystifying Modern Windows Rootkits


Black Hat via YouTube Direct link

Standard Methods of Intercepting Irps

14 of 27



Classroom Contents


  1. Intro
  2. What Is This Talk About?
  3. Windows Rootkits: An Overview
  4. Example: Treatment by Anti-Virus
  5. Abuse Legitimate Drivers
  6. Just Buy a Certificate!
  7. Abuse Leaked Certificates
  8. Beacon Out to a C2
  9. Open a Port
  10. Application Specific Hooking
  11. Choosing a Communication Method
  12. Abusing Legitimate Communication
  13. Hooking the Windows Winsock Driver
  14. Standard Methods of Intercepting Irps
  15. Hook a Driver's Dispatch Function
  16. Abusing the Network
  17. Parsing Packets: Design
  18. Parsing Packets: Pre-Processing
  19. Parsing Packets: Processing
  20. Parsing Packets: Dispatching
  21. Packet Handlers: XorPacketHandler
  22. Executing Commands: User-mode
  23. Executing Commands: Kernel-mode
  24. Introduction to Mini-Filters
  25. Become a Mini-Filter
  26. Hook a Mini-Filter: Code Hook
  27. Example: Abusing a Mini-Filter
