Bypassing AV/EDR API Hooks | A Deep Dive into Direct System Calls | Red Teaming
Hello Everyone! In this video, we explore advanced techniques for bypassing modern Endpoint Detection and Response (EDR) systems and antivirus solutions. You'll learn how to leverage API hooks and direct system calls to execute payloads stealthily, avoiding detection by security tools. Whether you're an ethical hacker, red teamer, or cybersecurity enthusiast, this in-depth guide will provide you with practical insights into evasion tactics and stealthy execution. Enhance your understanding of modern bypass methods and take your offensive security skills to the next level. Timestamps: 0:00 Intro 1:24 Intro to syscalls and direct syscalls 4:00 Practical usage of a syscall 6:33 How EDRs hook WinAPI calls 10:12 Setting up our development env 14:51 Setting up function prototype and custom syscall stubs 27:21 Remote Process Injection using a shellcode 30:00 Final POC Resources : Link to the slide used in the video : https://drive.google.com/file/d/1ShR2... Github repo of the POCs used in the video : https://github.com/Vedant-Bhalgama/Di... Further References of syscalls and Direct System Calls : https://www.outflank.nl/blog/2019/06/... https://redops.at/en/blog/direct-sysc... https://malwaretech.com/2023/12/an-in... https://www.depthsecurity.com/blog/cl... Note: All videos and tutorials are for informational and educational purposes only. I believe that ethical hacking, information security, and cybersecurity should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on this channel are only for those interested in learning about Ethical Hacking, Security, and Penetration Testing. Hacking tutorials are against the misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.

Какой была Россия накануне Владимира Путина

Gary Stevenson says Britain is FINISHED unless we fix this problem

DEF CON 32 - Defeating EDR Evading Malware with Memory Forensics - Case, Sellers, Richard, et al.

The World's Most Important Machine

Develop Your Own RAT: EDR + AV Defense by Dobin Rutishauser

DEF CON 32 - HookChain A new perspective for Bypassing EDR Solutions - Helvio Carvalho Junior

Port Numbers Explained | Nmap & Wireshark Demo | TCP/IP Model

Using NMAP Like a Red Team Operator (OPSEC Matters!)

Systemd Explained: How to Manage Linux Services Easily

MalDev and Syscalls and BOFs, Oh My!

EDR Evasion Techniques EXPOSED : Using Windows to Break Windows - Payatu Webinar

Silent Intruders: Dissecting EDR Bypass Strategies in APT Attacks - by Chao Wei-Chieh

#HITB2022SIN EDR Evasion Primer For Red Teamers - Jorge Gimenez & Karsten Nohl

Dirty Vanity: A New Approach to Code Injection & EDR Bypass

SIEGECAST Modern Malware

Tales of AV/EDR Bypass - Double Feature w/ Greg Hatcher & John Stigerwalt

Real-Time WebSockets Course | Build a Live Sports Dashboard with Node.js & PostgreSQL

Master of Puppets: How to Tamper an EDR?

Malware Development in C | PrivEsc via Access Token Manipulation | Token Impersonation

