Techniques for evading and bypassing Endpoint Detection and Response (EDR) protection systems on Windows
Evading Endpoint Detection and Response (EDR) in Windows

Keywords
Information systems security ; Endpoint security systems ; Operating system routines ; Malware ; User-mode hooking

Abstract
This master's thesis presents an up-to-date introduction to tactics and techniques for bypassing and evading modern Endpoint Detection and Response (EDR) products on Windows 10. Its sources include not only the international literature but also blogs that describe innovative techniques not documented elsewhere. A subsequent chapter covers programs available in public repositories such as GitHub, together with the source code that implements the techniques presented. In addition, international research reporting test results on evading antivirus and EDR products is presented. The thesis closes with the author's own modification of an older technique that returns a shell on a victim's machine while bypassing Windows Defender AV.