Educational Purposes Only!!
In this video, I'll be using Empire C2 and the ORCx41 GitHub project to test the detection capabilities of Windows Defender and Elastic Agent.
Hunting malicious binaries across a sea of logs can be difficult, especially when advanced evasion TTPs are used to bypass modern detections.
Hopefully this demo will suggest some ways to catch malicious processes when antivirus or EDR fails to do so.
Credit:
github.com/ORCx41/TerraLdr
github.com/BC-SECURITY
www.elastic.co/elastic-agent