Intro to AV/EDR Evasion
Overview
Embark on your journey into the dynamic world of cybersecurity with our introductory course tailored for aspiring red team members or advanced penetration testers.
Designed for those new to the realm of Antivirus (AV) and Endpoint Detection and Response (EDR) evasions, this course will provide a solid foundation in evasion and bypass techniques.
Join us for this introductory course, where you will lay the groundwork for your journey into the fascinating world of AV and EDR evasion. Acquire the foundational skills necessary to navigate and understand these critical aspects of modern cybersecurity.
Intro to AV/EDR Evasion Overview
In this episode, your hosts, Daniel and Mike, will explain what this course is about, who the intended audience is, and summarize the learning material covered in the course.
0h 3m
Hey there, greetings everyone and welcome to the overview episode for our AV/EDR Evasion Series. I will be your host for this journey. I am one Mr. Daniel Lowry. I've been working in cyber security for probably the last seven years or so and I've had a career in IT for over 20 now. I know the gray, it does show itself. Our SME for this particular soiree is going to be a one Mr. Mike Saunders. Mike, thank you so much for joining us. Tell us a little bit about yourself.

Yeah, thanks for having me Daniel. So I'm Mike Saunders, principal consultant at Red Siege. We're an information security and penetration testing company, red teaming, that kind of stuff. Got into IT back as a job back in 1998 and been doing the security thing full time for about 16 years now. So been around for a little bit.

Yeah, you've done a thing or two. One or two. You've seen a thing or two. I've seen some things. Absolutely true.

So that's very cool and that's why we've got you here because we know you've got the skills and the knowledge and the experience that it takes for us to be able to learn from you because we want to take some of that knowledge that's in your head, get it into ours. Now that said, we know that this probably isn't a beginner course. This is not for those that are like, hey, you know, I want to learn a thing about computers, you call them. That's not where we're at. If you would, do us a good favor and kind of tell us the learner, the audience for this series, what's that going to look like?

Yeah. So in this course, we're going to talk about what shellcode is and how you use it to execute code on systems. So you're going to need to have some understanding really of programming and C and C++ a little bit, some C sharp. However, this isn't a deep dive into Windows APIs. So some familiarity with writing some code would be a good starting point for you. We're going to write a shellcode loader. We're going to talk about ways that you can hide your shellcode on systems so that it doesn't get detected. And we're going to talk about some of the common things that get you caught when you're testing on a system. So how to avoid that, what the tripwires are, where they are, and how you can avoid those.

That's excellent because I don't know about you, but I get excited about these kinds of things. Hopefully that's why you're here to watch this stuff because you get excited about that stuff. And yes, is it highly technical? Of course, but it's the skills that Mike's going to give us is going to set us head and shoulders above and make us a little bit better at what we can do and what we want to do in the future. So I'm really looking forward and excited this. Anything specifically that you are excited about getting your teeth into?

Yeah, absolutely. So I'm really looking forward to just talking about some of the fun obfuscation techniques that we have for ways that you can hide your shellcode so that it doesn't get detected. Looking at how you can get that code execution and change up those signatures and at the end putting it all together so we can write an actual shellcode loader. You'll actually be able to write a loader for your malware at the end of the course.

Well, you're saying all the things I like to hear, Mike. Any post exploitation stuff that we're going to be doing or is this all about the initial access?

This is all going to be about initial access. So what you're going to be learning about is that code that you write that gets you that initial code execution on a system and how you avoid the detection there. So nothing, none of those post exploitation toolkits that will be there, but how you would get to the point that you could load those.

One step at a time, ladies and gentlemen, one step at a time. That's what we're here to do. Well, hopefully I know I'm excited. I can see Mike is about to fall out of his chair. He's that kind of guy. He just loses his mind, right? And hopefully you're excited about it. We got a really great series for you. So we look forward to seeing you in the upcoming episodes.
Learning Style
On Demand
Length of course
4h 58m
22 Episodes
Here are the topics we'll cover
- Course Overview
- Intro to AV/EDR Evasion