BHIS | Getting Started in Covert .NET Tradecraft for Post-Exploitation – Kyle Avery

preview_player
Показать описание


0:00:00 - FEATURE PRESENTATION: Covert .NET Tradecraft
0:01:25 - Agenda
0:01:55 - Intro to .NET - What is it?
0:06:16 - Intro to .NET - Key Features
0:08:59 - Intro to .NET - Why do we care?
0:11:57 - Methods of Execution - .NET Assembly Execution
0:13:42 - Methods of Execution - Fork-n-Run OPSEC
0:24:40 - Methods of Execution - .NET Execution without Fork-n-Run
0:28:28 - DEMO: Third Eye
0:29:20 - .NET Log Sources - ASMI
0:32:48 - .NET Log Sources - ETW
0:36:37 - .NET Obfuscation
0:39:22 - .NET Obfuscation - ConfuserEX
0:40:58 - DEMO: Obfuscate Seatbelt
0:41:33 - .NET Obfuscation - Additional Obfuscation
0:46:44 - Operation Prechecks
0:48:13 - Operation Prechecks - DNSpy
0:49:15 - Operation Prechecks - ThreatCheck
0:49:53 - DEMO: Running ThreatCheck
0:50:47 - Operation Prechecks - SilkETW
0:51:47 - DEMO: SilkETW
0:52:36 - Operation Prechecks - Elastic Endpoint
0:53:44 - DEMO: Setting Up Elastic Endpoint
0:58:44 - Closing Thoughts
1:00:43 - QnA

Description: This Black Hills Information Security (BHIS) webcast will cover OPSEC safe fork-n-run execution with Cobalt Strike, .NET log sources available to network defenders and security vendors, and obfuscation of public C# tools to evade EDR products consistently.

Black Hills Infosec Socials

Black Hills Infosec Shirts & Hoodies

Black Hills Infosec Services

Backdoors & Breaches - Incident Response Card Game

Antisyphon Training

Educational Infosec Content

#bhis #infosec
  1. Black Hills Information Security
  2. Black Hills Information Security
  3. BHIS
  4. John Strand
  5. Information Security
  6. Infosec
Рекомендации по теме
BHIS | Getting 1:13:02

BHIS | Getting Started in Covert .NET Tradecraft for Post-Exploitation – Kyle Avery

Day 1 | 5:00:00

Day 1 | Getting Started in Security with BHIS and MITRE ATT&CK

BHIS LIVE! | 1:54:30

BHIS LIVE! | Getting Started in Pentesting The Cloud: Azure | Beau Bullock (1-Hour)

Day 2 | 4:00:35

Day 2 | Getting Started in Security with BHIS and MITRE ATT&CK

BHIS | Getting 1:51:51

BHIS | Getting Started in Blockchain Security and Smart Contract Auditing | Beau Bullock

BHIS | Getting 1:00:22

BHIS | Getting Started: Cybersecurity Maturity Model Certification (CMMC) | CJ Cox & Adam Austi...

Day 1 - 2:33:08

Day 1 - Getting Started in Security 11-2024 #livestream #infosec #training

Day 4 | 3:51:54

Day 4 | Getting Started in Security with BHIS and MITRE ATT&CK

Day 3 | 4:04:37

Day 3 | Getting Started in Security with BHIS and MITRE ATT&CK

Getting Started in 0:59:21

Getting Started in Cyber Deception

BHIS | Atomic 1:10:05

BHIS | Atomic Red Team Hands on Getting Started Guide | Carrie & Darin Roberts | 1 Hour

Day 4 - 2:36:18

Day 4 - Getting Started in Security 11-2024 #livestream #infosec #training

BHIS | Introduction 1:01:51

BHIS | Introduction to Pentesting with Mike Felch | 1 Hour

BHIS | Firmware 1:01:09

BHIS | Firmware Enumeration Using Open Source Tools | Paul Asadoorian | 1-Hour

BHIS | How 1:06:26

BHIS | How to Build a Phishing Engagement - Coding TTP's - Ralph May

BHIS | Atomic 1:42:27

BHIS | Atomic Red Team: Hands-on Getting Started Guide | Carrie & Darin Roberts | 1-Hour

BHIS | Your 1:21:51

BHIS | Your Free and Open Source EDR Options! | John Strand | 1 Hour

1st 3 Windows 0:05:48

1st 3 Windows IR Commands - BHIS Nuggets | John Strand

BHIS | OPSEC 1:41:06

BHIS | OPSEC Fundamentals for Remote Red Teams - Michael Allen - 1-Hour

BHIS | How 1:17:49

BHIS | How to Fail at a Pentest with John Strand | 1-Hour

Day 2 - 1:43:28

Day 2 - Getting Started in Security 11-2024 #livestream #infosec #training

Atomic Red Team: 0:04:46

Atomic Red Team: Testing your EDR | John Strand | BHIS Nuggets

BHIS | Intro 0:57:22

BHIS | Intro to Windows Event Collecting | Nick & Noah | 1 Hour

#coLearning - Attending 0:10:55

#coLearning - Attending Black Hills Infosec -Getting Started in Security with BHIS and MITRE ATT&...