RED TEAM Operator: Windows Evasion Course

elNano · Sep 21, 2023

thank you

TayJus · Sep 26, 2023

Thanks

Reigin · Sep 28, 2023

Hang1234567 · Oct 4, 2023

Thank You So Much！！！

ITACHI__UCHIHA · Oct 5, 2023

elboi · Oct 7, 2023

hsspamspam · Oct 10, 2023

Thanks!

CyberDasGo · Oct 12, 2023

thanks

samwatkins435 · Oct 12, 2023

thanks

401xx · Oct 13, 2023

0xl34k · Oct 13, 2023

HackingAssets said:

Learn how to avoid modern endpoint protection technology with well-known, less known, and in-house developed techniques.

Introduction To Process Unhooking
Hooks vs Code Injection
Process Unhooking - "Classic"
Hooks vs Hell's Gate
Hooks vs Halo's Gate
Process Unhooking - Perun's Fart
Silencing Process Event Tracing
Module Stomping
No-New-Thread Payload Execution
"Classic" PPID Spoofing
Changing Parents - Scheduler
Changing Parents - Emotet Method
Cmdline Arguments Spoofing
Assignment #1 - Hooks
Assignment #2 - Module Stomping

High-privileged user vector

Blinding Eventlog
Blocking EPP Comms - Listing Connections
Blocking EPP Comms - Firewall
Blocking EPP Comms - Routing Table (P1)
Blocking EPP Comms - Routing Table (P2)
Dancing with Sysmon - Detection
Dancing with Sysmon - Kill'em!
Dancing with Sysmon - Silent Gag
Assignment #3 - Sysmon
Assignment #4 - Sysmon

Summary

Evasion Decision Tree
Closing Words

Watch Online Or Download:-

[Hidden content]

Thannnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnks

BibasXettri · Oct 13, 2023

HackingAssets said:

Learn how to avoid modern endpoint protection technology with well-known, less known, and in-house developed techniques.

Introduction To Process Unhooking
Hooks vs Code Injection
Process Unhooking - "Classic"
Hooks vs Hell's Gate
Hooks vs Halo's Gate
Process Unhooking - Perun's Fart
Silencing Process Event Tracing
Module Stomping
No-New-Thread Payload Execution
"Classic" PPID Spoofing
Changing Parents - Scheduler
Changing Parents - Emotet Method
Cmdline Arguments Spoofing
Assignment #1 - Hooks
Assignment #2 - Module Stomping

High-privileged user vector

Blinding Eventlog
Blocking EPP Comms - Listing Connections
Blocking EPP Comms - Firewall
Blocking EPP Comms - Routing Table (P1)
Blocking EPP Comms - Routing Table (P2)
Dancing with Sysmon - Detection
Dancing with Sysmon - Kill'em!
Dancing with Sysmon - Silent Gag
Assignment #3 - Sysmon
Assignment #4 - Sysmon

Summary

Evasion Decision Tree
Closing Words

Watch Online Or Download:-

[Hidden content]

Thanks

haavard961 · Oct 15, 2023

Top G

alav · Oct 16, 2023

HackingAssets said:

Learn how to avoid modern endpoint protection technology with well-known, less known, and in-house developed techniques.

Introduction To Process Unhooking
Hooks vs Code Injection
Process Unhooking - "Classic"
Hooks vs Hell's Gate
Hooks vs Halo's Gate
Process Unhooking - Perun's Fart
Silencing Process Event Tracing
Module Stomping
No-New-Thread Payload Execution
"Classic" PPID Spoofing
Changing Parents - Scheduler
Changing Parents - Emotet Method
Cmdline Arguments Spoofing
Assignment #1 - Hooks
Assignment #2 - Module Stomping

High-privileged user vector

Blinding Eventlog
Blocking EPP Comms - Listing Connections
Blocking EPP Comms - Firewall
Blocking EPP Comms - Routing Table (P1)
Blocking EPP Comms - Routing Table (P2)
Dancing with Sysmon - Detection
Dancing with Sysmon - Kill'em!
Dancing with Sysmon - Silent Gag
Assignment #3 - Sysmon
Assignment #4 - Sysmon

Summary

Evasion Decision Tree
Closing Words

Watch Online Or Download:-

[Hidden content]

d

ITACHI__UCHIHA · Oct 16, 2023

ITACHI__UCHIHA · Oct 16, 2023

yoooobroooo · Oct 16, 2023

Thanks

eoifh · Oct 17, 2023

hhdxz · Oct 19, 2023

thanks

FireGhost · Oct 19, 2023

HackingAssets said:

了解如何利用众所周知的、鲜为人知的和内部开发的技术来避免现代端点保护技术。

内容

简介和设置

课程介绍
开发虚拟机设置
RTO-WinEva.ova
WEv.zip

必需品

现代检测技术
规避开发规则
二元熵
模块详情
二进制签名

非特权用户向量

进程脱钩简介
挂钩与代码注入
脱钩过程 - “经典”
胡克斯 vs 地狱之门
胡克斯 vs 光环之门
进程脱钩 - Perun 的屁
静默进程事件追踪
模块踩踏
无新线程有效负载执行
“经典”PPID 欺骗
改变父母 - 调度程序
改变父母 - Emotet 方法
命令行参数欺骗
作业 #1 - 钩子
作业 #2 - 模块踩踏

高权限用户向量

致盲事件日志
阻止 EPP 通信 - 列出连接
阻止 EPP 通信 - 防火墙
阻止 EPP 通信 - 路由表 (P1)
阻止 EPP 通信 - 路由表 (P2)
与 Sysmon 共舞 - 检测
与 Sysmon 共舞 - 杀死他们！
与 Sysmon 共舞 - 无声插科打诨
作业 #3 - Sysmon
作业 #4 - Sysmon

概括

规避决策树
结束语

在线观看或下载：-

[隐藏内容]

谢谢

RED TEAM Operator: Windows Evasion Course

New member

New member

New member

New member

Member

New member

New member

New member

New member

New member

New member

Contents​

Intro and Setup​

Essentials​

Non-privileged user vector​

High-privileged user vector​

​

Summary​

Watch Online Or Download:-​

New member

Contents​

Intro and Setup​

Essentials​

Non-privileged user vector​

High-privileged user vector​

​

Summary​

Watch Online Or Download:-​

New member

Member

Contents​

Intro and Setup​

Essentials​

Non-privileged user vector​

High-privileged user vector​

​

Summary​

Watch Online Or Download:-​

Member

Member

New member

New member

New member

New member

内容​

简介和设置​

必需品​

非特权用户向量​

高权限用户向量​

​

概括​

在线观看或下载：-​

Contents

Intro and Setup

Essentials

Non-privileged user vector

High-privileged user vector

Summary

Watch Online Or Download:-

Contents

Intro and Setup

Essentials

Non-privileged user vector

High-privileged user vector

Summary

Watch Online Or Download:-

Contents

Intro and Setup

Essentials

Non-privileged user vector

High-privileged user vector

Summary

Watch Online Or Download:-

内容

简介和设置

必需品

非特权用户向量

高权限用户向量

概括

在线观看或下载：-