How do attackers use trusted and signed tools to evade detection?

(Replay) In this episode, Spencer and Brad discuss the ever popular and highly debated topic of evasion. In this podcast we talk about evasion from the context of evading defense controls, not necessarily EDR specific evasion techniques. Our hope with this episode is to shed light on this topic and help defenders understand various methods of evasion and this topic more in general.

Resources

• (Jun 1, 2021) Evadere Classifications - detection & response focus
• Defense Evasion, Tactic TA0005 - Enterprise | MITRE ATT&CK® - controls focus
• (Mar 22, 2024) Atomics on a Friday - Evade or Bypass - edr focus

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Follow Spencer on social ⬇
Spencer's Links: https://go.spenceralessi.com/links

Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.