Jump to content
Nytro

Evasion in Depth - Techniques Across the Kill-Chain by Mariusz Banach

Recommended Posts

 

The talk discusses a few techniques that can be applied by Red Team across every stage of the cyber kill-chain to reduce their activities detection rate. Author will share evasion tactics he's been following during recently held engagements One of the toughest hurdles of every Red Team engagement is obviously detection potential of exercised Blue Teams. These teams base their defensive capabilities on systems producing feed of incident events sensing potentially malicious IOCs such as domains, API calls invoked in monitored system or unusual file types. Red Teams aiming to simulate APTs should therefore apply evasion strategies in every step of their designed kill-chain to lower detection rates and increase success rate of accomplishing engagement goals while undetected. For Red Teamer, every stage of the kill chain has its own issues detection-wise. This talk will therefore try to map out some of these detection areas and discuss appropriate evasion strategies combating them.

  • Upvote 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...