Dive into a groundbreaking 49-minute Black Hat conference talk that unveils the first-ever reverse engineering of Windows Defender's antivirus emulator. Explore the intricate workings of Defender's emulator used for analyzing potentially malicious Windows PE binaries on endpoints. Presented by Alexei Bulazel, this pioneering research offers unprecedented insights into the internals of antivirus binary emulators, a topic previously unexplored in conference talks or publications. Gain valuable knowledge about Windows security mechanisms and enhance your understanding of advanced malware analysis techniques. Access the full abstract and supplementary materials to deepen your comprehension of this cutting-edge cybersecurity topic.
Windows Offender - Reverse Engineering Windows Defender's Antivirus Emulator
Overview
Syllabus
Windows Offender: Reverse Engineering Windows Defender's Antivirus Emulator
Taught by
Black Hat
Related Courses
-
Reverse Engineering Windows Defender Part II
-
Reverse Engineering Windows Defender's JavaScript Engine
-
Analyzing and Reverse Engineering Antivirus Signatures
-
AVLeak - Fingerprinting Antivirus Emulators for Advanced Malware Evasion
-
Windows Defender - Demystifying and Bypassing ASR by Understanding the AV's Signatures
-
Sandbagility - Reverse Engineering Framework for Windows Dynamic Analysis
