Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Certificate Bypass - Hiding and Executing Malware from a Digitally Signed Executable

Black Hat via YouTube

Overview

Explore a cutting-edge technique for concealing and executing malware within digitally signed executables in this Black Hat conference talk. Delve into the intricacies of evading security solutions by examining the PE file structure, focusing on the certificate table manipulation without compromising the file's valid digital signature. Learn about the custom-built Certificate Bypass tool and Reflective EXE Loader, which enable malware execution directly from memory without leaving traces on disk. Gain insights into the relevant PE structure fields and the steps required for in-memory execution of PE files. Witness a live demonstration showcasing how this method bypasses security solutions by exploiting their certificate table analysis techniques.

Syllabus

Certificate Bypass: Hiding and Executing Malware from a Digitally Signed Executable

Taught by

Black Hat

Reviews

Start your review of Certificate Bypass - Hiding and Executing Malware from a Digitally Signed Executable

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.