Windows Defender - Demystifying and Bypassing ASR by Understanding the AV's Signatures



Published
Windows Defender is the Windows' built-in antivirus software, giving it a place in most information systems. But still, its signature format is yet undocumented.This talk tries to rectify this situation. This knowledge will then be used to demonstrate signature evasion for auditor's common tooling....

By: Camille Mougey

Full Abstract & Presentation Materials: https://www.blackhat.com/eu-21/briefings/schedule/#windows-defender---demystifying-and-bypassing-asr-by-understanding-the-avs-signatures-24866
Category
Web design
Be the first to comment