Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Kernel Games: The Ballad of Offense and Defense in Rootkit Methodologies

x33fcon via YouTube

Start learning Write review
Coursera Ad

AI, Data Science & Business Certificates from Google, IBM & Microsoft

Learn More → Babbel Ad

You’re only 3 weeks away from a new language

Learn More →

Overview

Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Watch a 31-minute conference talk from x33fcon exploring the intricate world of kernel-level rootkit development and detection strategies. Dive into advanced rootkit methodologies including DLL injection concealment, credential dumping from kernel space, and AV/EDR kernel callback removal. Follow along with practical demonstrations integrating Mythic C2's Athena agent in red team scenarios. Learn defensive techniques for detecting rootkit activities like callback removal, file protection mechanisms, and ETWTI tampering. Examine a custom tool demonstration that provides defenders enhanced visibility into loaded kernel drivers, their registered callbacks, imports, and IRP hooks through detailed code examples and live demos.

Syllabus

Introduction
rootkit methodologies
dumping credentials
object callbacks
agent demo
detection
ET WTI
RP Hooking

Taught by

x33fcon

Reviews

Start your review of Kernel Games: The Ballad of Offense and Defense in Rootkit Methodologies

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.