Intro to AV/EDR Evasion

Overview

Embark on your journey into the dynamic world of cybersecurity with our introductory course tailored for aspiring red team members or advanced penetration testers. Designed for those new to the realm of Antivirus (AV) and Endpoint Detection and Response (EDR) evasions, this course will provide a solid foundation in evasion and bypass techniques. Join us for this introductory course, where you will lay the groundwork for your journey into the fascinating world of AV and EDR evasion. Acquire the foundational skills necessary to navigate and understand these critical aspects of modern cybersecurity.
Intro to AV/EDR Evasion Overview
In this episode, your hosts, Daniel and Mike, will explain what this course is about, who the intended audience is, and summarize the learning material covered in the course.
Clock icon0h 3m
WEBVTT Hey there, greetings everyone and welcome to the overview episode for our AVEDR Evasion Series. I will be your host for this journey. I am one Mr. Daniel Lowry. I've been working in cyber security for probably the last seven years or so and I've had a career in IT for over 20 now. I know the gray, it does show itself. Our SME for this particular soiree is going to be a one Mr. Mike Saunders. Mike, thank you so much for joining us. Tell us a little bit about yourself. Yeah, thanks for having me Daniel. So I'm Mike Saunders, principal consultant at Red Siege. We're an information security and penetration testing company, red teaming, that kind of stuff. Got into IT back as a job back in 1998 and been doing the security thing full time for about 16 years now. So been around for a little bit. Yeah, you've done a thing or two. One or two. You've seen a thing or two. I've seen some things. Absolutely true. So that's very cool and that's why we've got you here because we know you've got the skills and the knowledge and the experience that it takes for us to be able to learn from you because we want to take some of that knowledge that's in your head, get it into ours. Now that said, we know that this probably isn't a beginner course. This is not for those that are like, hey, you know, I want to learn a thing about computers, you call them. That's not where we're at. If you would, do us a good favor and kind of tell us the learner, the audience for this series, what's that going to look like? Yeah. So in this course, we're going to talk about what shellcode is and how you use it to execute code on systems. So you're going to need to have some understanding really of programming and C and C++ a little bit, some C sharp. However, this isn't a deep dive into Windows APIs. So some familiarity with writing some code would be a good starting point for you. We're going to write a shellcode loader. We're going to talk about ways that you can hide your shellcode on systems so that it doesn't get detected. And we're going to talk about some of the common things that get you caught when you're testing on a system. So how to avoid that, what the tripwires are, where they are, and how you can avoid those. That's excellent because I don't know about you, but I get excited about these kinds of things. Hopefully that's why you're here to watch this stuff because you get excited about that stuff. And yes, is it highly technical? Of course, but it's the skills that Mike's going to give us is going to set us head and shoulders above and make us a little bit better at what we can do and what we want to do in the future. So I'm really looking forward and excited this. Anything specifically that you are excited about getting your teeth into. Yeah, absolutely. So I'm really looking forward to just talking about some of the fun obfuscation techniques that we have for ways that you can hide your shellcode so that it doesn't get detected. Looking at how you can get that code execution and change up those signatures and at the end putting it all together so we can write an actual shellcode loader. You'll actually be able to write a loader for your malware at the end of the course. Well, you're saying all the things I like to hear, Mike. Any post exploitation stuff that we're going to be doing or is this all about the initial access? This is all going to be about initial access. So what you're going to be learning about is that code that you write that gets you that initial code execution on a system and how you avoid the detection there. So nothing, none of those post exploitation toolkits that will be there, but how you would get to the point that you could load those. One step at a time, ladies and gentlemen, one step at a time. That's what we're here to do. Well, hopefully I know I'm excited. I can see Mike is about to fall out of his chair. He's that kind of guy. He just loses his mind, right? And hopefully you're excited about it. We got a really great series for you. So we look forward to seeing you in the upcoming episodes.

Learning Style

On Demand

Length of course

4h 58m
22 Episodes

Here are the topics we'll cover

  • Course Overview
  • Intro to AV/EDR Evasion
Learning Options

Options for this course

Train your team
Stay ahead of the curve and future-proof your business with training programs designed for you.
Channel partners
Transform your experience and integrate with our unique evolving library of Audit, Cybersecurity, and Information Technology courses.
Individual learners
Learn at your own pace and get your certification training.