Roll for Stealth: Intro to AV & EDR Evasion

Presented at Kernelcon 2023, April 14, 2023, 1:30 p.m. (60 minutes)

Evading detection by modern AV & EDR can seem daunting and near impossible to the uninitiated. If the idea of trying to get a payload past these defenses seems unattainable and too “l337,” then this talk is for you! I’ll cover some basic concepts and tools you can use to start evading detection and get your payloads running. To the initiated, this is a 101-level talk, but stick around to learn about a new tool for hiding shellcode!

Presenters:

• Mike Saunders - Red Siege
  Mike Saunders has over 25 years of experience in IT and security and has worked in the ISP, financial, insurance, and agribusiness industries. He has held a variety of roles in his career including system and network administration, development, and security architect. Mike has been performing penetration tests for a decade. Mike is an experienced speaker and has spoken at DerbyCon, Wild West Hackin’ Fest, regional BSides conferences, the NDSU Cyber Security Conference, and SANS and Red Siege webcasts.

Similar Presentations:

• BSidesDC 2014 / Adventures in Asymmetric Warfare: Fighting the AV Vendors
• THOTCON 0xA (2019) / Defeating Next-Gen AV and EDR Using Old Tricks On New Dogs
• DerbyCon 9.0 Finish Line (2019) / Defeating Next-Gen AV and EDR: Using Old (And New) Tricks on New Dogs