Windows Malware Techniques

Custom malware and implants are an essential part of the offensive toolset. Knowledge of the latest malware techniques helps red teamers improve their custom tooling, malware analysts in taking apart malware, and anti-malware solution developers in designing behavioral solutions to detect malicious activity. While there is an abundance of publicly available offensive tools and frameworks, several of them get flagged by endpoint security solutions. Understanding the inner workings of these tools and techniques enables red teamers to create unique implementations and variants that fly right past these defenses. This training teaches the development and detection of Windows post-exploitation techniques at every stage of their execution through a mix of theory, code walkthroughs, instructor led demos and lab exercises. All hands-on labs are performed on Windows 10 20H2 64-bit so attendees can observe the impact of the latest defenses built into the system and learn how to evade them.