SANSFIRE 2024: SANS@Night - From Chatbot to Destroyer of Endpoints: Can ChatGPT Automate EDR Bypasses?

Thursday, 18 Jul 2024 7:15PM EDT (18 Jul 2024 23:15 UTC)
Speaker: Erik Van Buggenhout

Join this session to explore EDR telemetry mechanisms, Kernel Callbacks, Userland API hooks, and ETW. Followed by a deep dive into the typical bypasses, unhooking, direct system calls, and more. EDR bypasses are not new but remain complex and primarily red-team tools, while their adoption in cybercrime is limited. But for how long? Can Smart ChatGPT prompt automate EDR bypasses? Demo included!

Login to Register

SANS@Night

Related Content

Digital Forensics, Incident Response & Threat Hunting

September 21, 2023

Latest Must-Read Malware Analysis Blogs

In this post, we present a selection of recent malware analysis write-ups to highlight individuals' passion for malware analysis

Digital Forensics, Incident Response & Threat Hunting

A Visual Summary of SANS DFIR Summit 2023

Check out these graphic recordings created in real-time throughout the event for SANS DFIR Summit 2023

DFIR Summit Promotion

Digital Forensics, Incident Response & Threat Hunting

A Visual Summary of SANS DFIR Summit 2022

On August 15-16, attendees joined us in Austin, TX or tuned in Live Online for the SANS DFIR Summit for its 15th anniversary! We invited Ashton Rodenhiser of Mind's Eye Creative to create graphic recordings of our Summit presentations. If you missed a talk or are looking to view the Summit through...