Shell Games: Outmaneuvering EDRs with Fileless PowerShell
- Time: 14:40, Thu 16 Nov
- Stage: Briefing Stage 3
- Format: Session
- Presenter: Senior Consultant Red Team (OT Security), CPX
Fileless PowerShell has become the favorite method for APT attacks. In this research I have developed two different versions of a reverse shell based on PowerShell, including different persistence methods, and tested their evasion of 16 different EDRs and premium AVs in both script and executable format. The results were shocking. In this talk we will go through the details of the PowerShell reverse shell functions along with the EDR and AV evasion/detection results.