Learn about advanced EDR evasion techniques in this 37-minute conference talk from x33fcon that explores both existing and novel approaches to bypassing Endpoint Detection and Response solutions. Dive deep into how EDR systems utilize userland hooking for threat detection, examine established evasion methods, and discover a new proof-of-concept approach for circumventing these security measures. Gain valuable insights into how modern enterprises deploy EDR solutions to complement traditional antivirus systems in detecting and preventing malicious system activities.
Bypassing EDR Detection: Userland Hooking Techniques and New Approaches
Overview
Syllabus
06. Cat & Mouse - or Chess? by Fabian Mosch
Taught by
x33fcon
Related Courses
-
HookChain: A New Perspective for Bypassing EDR Solutions
-
EDR Internals for macOS and Linux - Telemetry Sources and Evasion Techniques
-
How to Bypass AM-PPL & Disable EDRs - A Red Teamer's Story
-
EDR 솔루션 기반 Managed Detection and Response 서비스 소개
-
Detection and Response for Linux Without EDR
-
The Dark Side of EDR - Repurposing EDR as an Offensive Tool
