A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Evading Autoruns - Kyle Hanslovan & Chris Bisnett Derbycon 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

Evading Autoruns
Kyle Hanslovan & Chris Bisnett
Derbycon 2017

When it comes to offense, maintaining access to your endpoints is a key. For defenders, it's equally important to discover these footholds within your network. During this talk, Kyle and Chris will expose several semi-public and private techniques used to evade the most common persistence enumeration tools. Their techniques will explore ways to re-invent the run key, unconventionally abuse search order, and exploit trusted applications. To complement their technical explanations, each bypass will include a live demo and recommendations for detection.

For the past 10 years, Kyle Hanslovan has supported defensive and offensive cyber operations in the U.S. Intelligence Community and currently is the CEO of Huntress Labs. He actively participates in the ethical hacking community as a Black Hat conference trainer, STEM mentor, and Def Con CTF champion. Additionally, he serves in the Maryland Air National Guard as a Cyber Warfare Operator. Chris Bisnett is a veteran information security researcher with more than a decade of experience in offensive and defensive cyber operations. While serving with the NSA RedTeam, he attacked government networks and systems to identify and remedy vulnerabilities. He is also a recognized Black Hat conference trainer for the “Fuzzing For Vulnerabilities” and ""Embedded Fuzzing"" courses.

Kyle - @KyleHanslovan, Chris - @ChrisBisnett

Back to Derbycon 2017 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast