Explore Windows exploitation techniques and bypass strategies in this 50-minute conference talk from OffensiveCon. Delve into topics such as Intel CT, Windows CT, HVCI bypass, EDR evasion, and driver disabling. Learn about practical examples, including the WDFilter FSctl Handler, and witness a live debugger demonstration. Gain valuable insights into offensive security approaches and understand how attackers can leverage existing mitigations as opportunities for exploitation.
Your Mitigations Are My Opportunities - Windows Exploitation and Bypass Techniques
OffensiveCon via YouTube
Syllabus
Intro
About Yarden
Windows Exploitation
Intel CT
Windows CT
Bypass
HVCI
EDRs
Disable Drivers
Example
File Name
drivers
WDFilter
FSctl Handler
Debugger
Demo
Summary
Taught by
OffensiveCon