Skip to content

leHACK Conferences & workshops 📅 iCal

How EDRs work and how to bypass them 🇫🇷

1Jul2023
Time: 18:00 > 18:45
Location: Zone 1 - Gaston Berger conference stage

I would like to speak about how Endpoint Detection and Response (EDR) softwares work and how to defeat every protection, such as AMSI, Sysmon, DLL Hooking or ETW.

The goal of this talk is to allow a good understanding of these protections IN FRENCH, because many presentations on this subject are only in english.

I would like to present according to the following plan : – Process Hollowing and PE Injection – AMSI Bypass – .NET Reflection – Unhooking DLL – Sysmon unloading – ETW Patching

Processus

More Conferencess

Last News

OSINT VILLAGE conferences, rumps and workshops

Hey!
We’ve published the OSINT Village lineup.

OSINT is a rising topic in the Hacking community:the collection, analysis, and dissemination of information that is publicly available and legally accessible.

SEE THE LINEUP

Conferences Timeline published!

We just published the conference lineup.
Workshops, Hardware village and OSINT village coming soon!