The Cyber Threat Perspective Episode 121: How We Evade Detection During Internal Pentests
9 snips
Jan 24, 2025 Dive into the intriguing world of evasion in internal penetration testing. Discover how security professionals cleverly navigate detection systems using customized tools and obfuscation methods. Learn about adapting techniques to overcome modern security challenges, as well as the role of languages like PowerShell and C#. Explore advanced tactics like token duplication for lateral movement, emphasizing the need for better monitoring to catch subtle threats. This insightful discussion bridges the gap between offensive strategies and defensive measures in cybersecurity.
AI Snips
Chapters
Transcript
Episode notes
Evasion Importance Internally
- Internal evasion is harder due to better defenses like EDR and network monitoring.
- Threat actors must evade detection to achieve goals like ransomware or data exfiltration.
Evasion in Internal Pentesting
- Pen testers use evasion techniques on internal tests to determine the detection threshold.
- This helps clients understand how easily their activities are detected and where improvements are needed.
Avoidance vs. Evasion
- Avoidance is about finding weaknesses in security coverage, not the effectiveness of tools.
- Increase coverage or use alternative detection methods to mitigate this.