✨ Deceiving Windows Defender: The Big Stack Bypass

👉 Creating a large (>2MB) payload allocated on the stack

👉 Move the payload inside of main, and front load it with NOPs

👉 Could break a lot of automated analysis

https://steve-s.gitbook.io/0xtriboulet/deceiving-defender/deceiving-defender-the-big-stack-bypass

#avbypass #infosec #defender
#exploitation #stackoverflow

Windows 11 reverse shell in 7 steps, undetected by Microsoft Defender

📌 Every “Script kiddie” could bypass Windows Defender in a few minutes

📌 Using Invoke-Obfuscation (PowerShell command and script obfuscator)
https://link.medium.com/mUpMIFdD4vb

#infosec #pentesting #avbypass #redteaming

GitHub - H4de5-7/powershell-obfuscation: PowerShell anti-virus evasion obfuscator, simple and effective, passes all of VirusTotal. A simple and effective PowerShell obfuscation tool that bypasses anti-virus

Use nim compiled language to evade Windows Defender reverse shell detection

In this article, we’ll show you another way to evade Windows Defender’s reverse shell detection. We will use Josiah Pierce’s method described in his article…

InfoSec Write-ups

Sailing Past Security Measures In AD - My blogpost about bypassing AV / EDR:

https://luemmelsec.github.io/Circumventing-Countermeasures-In-AD/

#pentest #redteam #avbypass #edrbypass #activedirectory #ad

LuemmelSec - Blog

Today we’re going to talk a little about possible ways to circumvent some of the security measures one might face during an engagement in an Active Directory environment. We as pentesters rely heavily on our tools like Bloodhound, Rubeus, mimikatz and all the other fancy stuff, be it for an internal assessment or a Red Team campaign. But the Blue Team is not asleep, trying to keep the bad guys outside with their newest AI machine learning cyber tools.