Zombie Ant Farming - Practical Tips for Playing Hide and Seek with Linux EDRs

Explore practical techniques for evading Linux Endpoint Detection and Response (EDR) systems in this 47-minute Black Hat conference talk. Discover how to leverage approved executables as decoys for executing foreign code and examine the fundamental components of Linux malware that can be triggered by dynamic ELF loaders and process bootstrap routines. Gain insights into post-exploitation capabilities and learn strategies to operate beneath the EDR radar. Presented by Dimitry Snezhkov, this talk provides valuable information for both offensive security professionals and those looking to enhance their Linux system defenses.

Zombie Ant Farming: Practical Tips for Playing Hide and Seek with Linux EDRs