Advice Request A blueprint for evading industry leading endpoint protection in 2022

Please provide comments and solutions that are helpful to the author of this topic.

[correlate]

Level 18
Thread author
Top Poster
Well-known
May 4, 2019
801
About two years ago I quit being a full-time red team operator. However, it still is a field of expertise that stays very close to my heart. A few weeks ago, I was looking for a new side project and decided to pick up an old red teaming hobby of mine: bypassing/evading endpoint protection solutions.

In this post, I’d like to lay out a collection of techniques that together can be used to bypassed industry leading enterprise endpoint protection solutions. This is purely for educational purposes for (ethical) red teamers and alike, so I’ve decided not to publicly release the source code. The aim for this post is to be accessible to a wide audience in the security industry, but not to drill down to the nitty gritty details of every technique. Instead, I will refer to writeups of others that deep dive better than I can.
 

Trooper

Level 16
Verified
Top Poster
Well-known
Aug 28, 2015
772
It is good to share such news.
I don't like these programs to fail, especially the CrowdStrike Falcon
It's a great protection program that I hope to try one day.:)

Agreed. I want to try CrowdStrike Falcon as well. I wish they had a home version available. I may test next summer at my job to decide if we keep what we use currently.

Cheers!
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top