Back by Popular Demand: MacBook Air, $400 Amazon Gift Card, or $400 off with OnDemand Courses

Nashville: Virtual Edition 2020 - Live Online

Virtual, US Central | Mon, Dec 7 - Sat, Dec 12, 2020

SANS@Mic - Bypassing Antivirus: With Understanding Comes Ease

  • Jeff McJunkin
  • Wednesday, December 9th, 7:30pm - 8:30pm

US Central Time

The job of a penetration tester is to emulate real-world, realistic adversaries to compromise the client, and explain the business risks of the technical findings. Those pesky real-world adversaries bypass AV all the time, even with essentially the same malware, over and over.

How do they do it? Simple. By understanding what traps AV is setting, you can step around, jump over, or disable those traps before sauntering to your destination unhindered. I can't help with your saunter, but I can help you understand and bypass AV using arbitrary payloads (whether Cobalt Strike, Metasploit, Covenant, Mystic, SILENTTRINITY, or whichever) in many ways, all in less than an hour.

This SANS@Mic talk is being delivered Live Online. Register here!


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
Tuesday, December 8
Session Speaker Time Type
SANS@Mic - Cybersecurity for the Healthcare Industry Gabriel Daniels Tuesday, December 8th, 7:30pm - 8:30pm SANS@Night
Wednesday, December 9
Session Speaker Time Type
SANS@Mic - Bypassing Antivirus: With Understanding Comes Ease Jeff McJunkin Wednesday, December 9th, 7:30pm - 8:30pm SANS@Night
Thursday, December 10
Session Speaker Time Type
SANS@Mic - Building Your Own Kickass Home Lab Jeff McJunkin Thursday, December 10th, 7:30pm - 8:30pm SANS@Night