Metasploit Deep Dive - Part 0x08 - Bypass Defender AV
In this video series we'll analyse a Metasploit payload inside out, starting from dynamic analysis down to the shellcode and dynamic function resolution. We'll also cover AV evasion tricks and further payload obfuscation techniques.

⚔️ Part 0x08 - Bypass Defender AV
-----------------------------------
➡️ AV Evasion (Microsoft Defender)
➡️ Shellcode

Update 23/10: Someone mentioned that the technique is not working with the latest Defender definitions. If you're trying to make it work, here are some hints:
Hint 1: Play with the code and find out what exactly is triggering the detection.
Hint 2: Find out if Defender is detecting your shellcode by running it or by pattern matching.

Richard Feynman: "You cannot get educated by this self-propagating system in which people study to pass exams, and teach others to pass exams. You learn something by doing it yourself, by asking questions, by thinking, and by experimenting."

---------------------------------------------------------------------------------------------------
Follow us on
Twitter : https://twitter.com/reversinghub
Github : https://github.com/reversinghub

If you liked this video and you want to learn hands-on how to analyse malware threats, with real samples and practical exercises, find us on Udemy : https://www.udemy.com/course/reverse-engineering-deep-dive/?referralCode=40A9FD1883D291B26163
---------------------------------------------------------------------------------------------------
Want to support us so we can continue making great content? Buy us a coffee : https://ko-fi.com/reversinghub
Thank you 🙏