Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Windows EventLog Persistence Techniques for Red Team Operations

BSidesLV via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore advanced Windows exploitation techniques in this 32-minute conference talk from BSidesLV. Delve into three innovative methods for bypassing security measures and maintaining persistence in Windows environments during red team operations. Learn how to circumvent constrained language using run space with C# code, exploit XML files for privilege escalation to NT\AUTHORITY, and leverage Windows EventLog for undetectable persistence through HEX shellcode storage. Gain insights into offensive strategies that challenge built-in protection mechanisms like Applocker, and discover potential detection and mitigation approaches for defensive teams.

Syllabus

GroundFloor, Tue, Aug 6, 20:00 - Tue, Aug 6, CDT

Taught by

BSidesLV

Reviews

Start your review of Windows EventLog Persistence Techniques for Red Team Operations

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.