Explore advanced Windows exploitation techniques in this 32-minute conference talk from BSidesLV. Delve into three innovative methods for bypassing security measures and maintaining persistence in Windows environments during red team operations. Learn how to circumvent constrained language using run space with C# code, exploit XML files for privilege escalation to NT\AUTHORITY, and leverage Windows EventLog for undetectable persistence through HEX shellcode storage. Gain insights into offensive strategies that challenge built-in protection mechanisms like Applocker, and discover potential detection and mitigation approaches for defensive teams.
Windows EventLog Persistence Techniques for Red Team Operations
Overview
Syllabus
GroundFloor, Tue, Aug 6, 20:00 - Tue, Aug 6, CDT
Taught by
BSidesLV
Related Courses
-
Active Directory Pentesting Full Course - Red Team Hacking
-
Windows Event Log Persistence Techniques - Bypassing Protections and Maintaining Access
-
10 Years of Windows Privilege Escalation with Potatoes
-
Windows Red Team Privilege Escalation Techniques - Bypassing UAC and Kernel Exploits
-
Windows Red Team Persistence Techniques - Persistence With PowerShell Empire
-
Windows Privilege Escalation Techniques - Red Team Series
