Skip to content

Slides and reference material from Evading Autoruns presentation at DerbyCon 7 (September 2017)

License

Notifications You must be signed in to change notification settings

huntresslabs/evading-autoruns

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Evading Autoruns - DerbyCon 7.0

Slides and reference material from Evading Autoruns presentation at DerbyCon 7 (September 2017)

Watch the talk on YouTube

Abstract

When it comes to offense, maintaining access to your endpoints is key. For defenders, it's equally important to discover these footholds within your network. During this talk, Kyle and Chris will expose several semi-public and private techniques used to evade the most common persistence enumeration tools. Their techniques will explore ways to re-invent the run key, unconventionally abuse search order, and exploit trusted applications. To complement their technical explanations, each bypass will include a live demo and recommendations for detection.

For the past 10 years, Kyle Hanslovan has supported defensive and offensive cyber operations in the U.S. Intelligence Community and currently is the CEO of Huntress Labs. He actively participates in the ethical hacking community as a Black Hat conference trainer, STEM mentor, and Def Con CTF champion. Additionally, he serves in the Maryland Air National Guard as a Cyber Warfare Operator. Chris Bisnett is a veteran information security researcher with more than a decade of experience in offensive and defensive cyber operations. While serving with the NSA RedTeam, he attacked government networks and systems to identify and remedy vulnerabilities. He is also a recognized Black Hat conference trainer for the “Fuzzing For Vulnerabilities” and ""Embedded Fuzzing"" courses.

References

Credits

Thanks to:

About

Slides and reference material from Evading Autoruns presentation at DerbyCon 7 (September 2017)

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published