Windows Rootkit Development - Python Prototyping to Kernel Level C2
Offered By: YouTube
Course Description
Overview
Explore Windows rootkit development techniques in this 47-minute conference talk from Derbycon 7. Dive into the challenges faced by attackers and learn how to navigate through rough seas. Discover methods for plundering in plain sight and controlling network traffic using kernel-mode drivers. Gain insights into user and kernel modes, as well as techniques for handling TCP connections manually. Examine goal-oriented diversion tactics and proxy traffic manipulation strategies. Delve into weaponization techniques and deployment strategies for rootkits. Conclude with a discussion on defense and detection methods, followed by a Q&A session.
Syllabus
Introduction
Rough seas - the issues attackers face
Plundering in plain sight
Control network traffic with kernel-mode drivers
User and kernel mode
Handling TCP Connection Manually
Goal 2 Diversion
Proxy Traffic Manipulation
Weaponization
Deployment Strategies
Defend and Detect
Questions?
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network