Creative Windows Evasion and Forensics with Yarden Shafir

No video

Creative Windows Evasion and Forensics with Yarden Shafir

Рет қаралды 2,458

Күн бұрын

Where does malware hide when it wants to avoid detection? And what can you do to find it? Let’s look into some creative forensics techniques using WinDbg and other tools, to find potential evidence of malicious activity (and if you’re on the offensive side: places where defenders won’t think to look)!

Пікірлер: 14

@MarshallHallenbeck 3 ай бұрын

Yarden is seriously just a legend. This stuff alone is insane. She's literally writing raw debugging commands from memory like they're bash commands. Everyone should hope to achieve mastery of something even half as well as she understands this stuff.

@OffByOneSecurity 2 ай бұрын

Agreed, she's great!

@Ethernel0 2 ай бұрын

Great content! cool tricks she used with the debugger! Thx:)

@unknownboi9084 3 ай бұрын

Sir i wanted to ask a question about something. My mother just bought me a book called "Hacking:The Art of Exploitation". It's a great book but is it still relevant. I don't wanna make my mom sad that she bought me an irrelevant book, but is that good for a beginner guide for exploit development.??? Please answer.

@flrn84791 3 ай бұрын

It is very much relevant to get a good idea of C, assembly, basic binary exploitation stuff like buffer overflows, format string vulns, etc. 100% recommend, that was my first "hacking" book and I loved it. I highly suggest to type the C examples along, compile them, debug them, try to exploit them yourself, don't just read the book, do the book.

@OffByOneSecurity 2 ай бұрын

I agree with what @flrn84791 said. It's still a great book for the introduction to binary exploitation. It's all 32-bit, unlike today with 64-bit, and it also doesn't take into account exploit mitigations, which are the biggest challenge to those of us doing binary exploitation on modern OSes.