In the modern enterprise Windows environment we often encounter lots of obstacles, which try to detect and stop our sneaky tools and techniques. Endpoint protection agents (AV, IDS/IPS, EDR, etc.) are getting better and better at this, so this requires an extended effort in finding a way into the system and staying undetected during post-exploitation activities.
This course will guide you though modern detection technology and teach how you can try to avoid it. This means understanding how the technology works and developing certain capabilities to stay under the radar.
You will receive a virtual machine with complete environment for developing and testing your software, and a set of source code templates which will allow you to focus on understanding the essential mechanisms instead of less important technical aspects of implementation.
COURSE IN A NUTSHELL
You Will Learn
What Will You Get?
Target Audience
- How a modern detection looks like
- How to get rid of process' internal operations monitoring
- How to make your payload look benign in memory
- How to break process parent-child relation
- How to disrupt EPP/EDR logging
- What is Sysmon and how to bypass it
- Full-blown videos explaining all techniques in detail
- Transcription with English subtitles
- Text supplements with additional information (code snipets, structure definitions, technology description and context, etc.)
- Source code with code templates for rapid development
- VM image with ready-to-use development environment
Requirements- Recommended: taking Malware Development Essentials and Malware Development Intermediate courses
- Solid experience with Windows OS
- Solid C/C++ programming knowledge
- Computer with min. 4 GB of RAM + 30 GB of free disk space
- VirtualBox 6.0+ installed
- Strong will to learn and having fun
- Ethical Hackers
- Penetration Testers
- Blue Teamers
- Threat Hunters
- All security engineers/professionals wanting to learn advanced offensive tactics
