Watching some DEFCON and Chilling

Video Summary

Short Summary

The video discusses techniques for avoiding memory scanners, specifically in the context of Cobalt Strike and its use in red teaming and penetration testing.

Key Points

  • Introduction by Kyle Avery, an expert in offensive security and red teaming techniques.
  • Focus on avoiding detection by memory scanners used by security tools.
  • Explanation of how memory scanners work, including pattern matching and signature scanning.
  • Techniques to bypass memory scanning capabilities, such as:
    • Encrypting data and modifying its attributes to evade detection.
    • Using tools like Cobalt Strike with advanced defensive techniques.
  • Detailed overview of memory attributes and their relation to executable memory and suspicious allocations.
  • Discussion of methods to manipulate return addresses to avoid detection by tools like MalMemDetect.
  • Demonstration of a new tool, AceLdr, which bypasses multiple scanners and automates the encryption process.
  • Encouragement to implement proper testing environments to avoid detection in real engagements.
  • Final thoughts on maintaining privacy and security while using advanced tools and techniques.

YouTube Video: https://www.youtube.com/watch?v=6Eb0_4jnJ8U
YouTube Channel: Lsecqt
Video Published: 2024-10-26T04:59:45+00:00