Another banger, starting out in pentesting/redteaming and ur really helping my methodology man. God bless you
@CyberAttackDefense 5 months ago
Glad my content is helping. Thanks for watching!
@BestITintelligence 5 months ago
Always the BEST!!!!
@CyberAttackDefense 5 months ago
Thank you! Glad you like it.
@ryanpinga 5 months ago
excellent rundown! keep them coming!
@CyberAttackDefense 5 months ago
Thanks! Will do. Anything in particular you want to see?
@ferassami3362 5 months ago
Can you share your experience with the protected process concept RunAsPPL? Even Native Dump can't work with it.
@CyberAttackDefense 5 months ago
Ah, RunAsPPL is only a good step where you can't use Credential Guard. It can be defeated with rogue drivers. Mimikatz has a feature to unprotect a process by using !processprotect; this does require the mimidrv.sys. If you cripple Defender or other EDR, protected processes can be reversed.
@neotokyo98 5 months ago
Could u do a video on coff loader, using it to do a threadless injection and bypassing Defender? Don't know if it'll get flagged but was curious to see how it'll pan out.
@CyberAttackDefense 5 months ago
Last time I tried coff loader it got caught but sure. I can give it a shot.
@neotokyo98 5 months ago
@CyberAttackDefense ya, give it a shot, I wanted to see how it'll work.