Your Mitigations Are My Opportunities - Windows Exploitation and Bypass Techniques
Offered By: OffensiveCon via YouTube
Course Description
Overview
Explore Windows exploitation techniques and bypass strategies in this 50-minute conference talk from OffensiveCon. Delve into topics such as Intel CET, Windows CET, HVCI bypass, EDR evasion, and driver disabling. Learn about practical examples, including the WDFilter FSctl Handler, and witness a live debugger demonstration. Gain valuable insights into offensive security approaches and understand how attackers can leverage existing mitigations as opportunities for exploitation.
Syllabus
Intro
About Yarden
Windows Exploitation
Intel CET
Windows CET
Bypass
HVCI
EDRs
Disable Drivers
Example
File Name
drivers
WDFilter
FSctl Handler
Debugger
Demo
Summary
Taught by
OffensiveCon
Related Courses
XNU Heap Exploitation - From Kernel Bug to Kernel Control (nullcon via YouTube)
Kernel Exploitation with a File System Fuzzer (Hack In The Box Security Conference via YouTube)
iOS 10 Kernel Heap Revisited (Hack In The Box Security Conference via YouTube)
Swiping Through Modern Security Features (Hack In The Box Security Conference via YouTube)
Turning - Page Tables - Bypassing Advanced Kernel Mitigations Using Page Tables Manipulations (BSidesLV via YouTube)