Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/BC-SECURITY/Beginners-Guide-to-Obfuscation
Last synced: about 1 month ago
- Host: GitHub
- URL: https://github.com/BC-SECURITY/Beginners-Guide-to-Obfuscation
- Owner: BC-SECURITY
- License: mit
- Created: 2021-07-06T18:04:31.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-05-18T14:48:45.000Z (7 months ago)
- Last Synced: 2024-08-01T19:39:25.499Z (5 months ago)
- Language: PowerShell
- Size: 18 MB
- Stars: 999
- Watchers: 20
- Forks: 145
- Open Issues: 0
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
- awesome-edr-bypass - BC-SECURITY/Beginners-Guide-to-Obfuscation
- StarryDivineSky - BC-SECURITY/Beginners-Guide-to-Obfuscation
README
# Evading Detection: A Beginner's Guide to Obfuscation
Defenders are constantly adapting their security to counter new threats. Our mission is to identify how they plan on securing their systems and avoid being identified as a threat. This is a hands-on class to learn the methodology behind malware delivery and avoiding detection. This workshop explores the inner workings of Microsoft's Antimalware Scan Interface (AMSI), Windows Defender, and Event Tracing for Windows (ETW). We will learn how to employ obfuscated malware using Visual Basic (VB), PowerShell, and C# to avoid Microsoft's defenses. Students will learn to build AMSI bypass techniques, obfuscate payloads from dynamic and static signature detection methods, and learn about alternative network evasion methods.
## Objectives
- Understand the use and employment of obfuscation in red teaming.
- Demonstrate the concept of least obfuscation.
- Introduce Microsoft's Antimalware Scan Interface (AMSI) and explain its importance.
- Demonstrate obfuscation methodology for .NET payloads.
## Recordings
- [Beginner's Guide to Obfuscation - 2022](https://www.youtube.com/watch?v=wvKwk1wcXvM)
- [Beginner's Guide to Obfuscation - 2021](https://www.youtube.com/watch?v=lP2KF7_Kwxk)