
Kernel Games: The Ballad of Offense and Defense in Rootkit Methodologies

x33fcon via YouTube

Overview

This 31-minute x33fcon conference talk covers kernel-level rootkit development and the detection techniques that counter it. On the offensive side it walks through rootkit methodologies including concealing DLL injection, dumping credentials from kernel space, and removing the kernel callbacks (process, thread, image-load and object callbacks) that AV/EDR products register, with practical demonstrations that integrate Mythic C2's Athena agent into a red team scenario. On the defensive side it shows how to detect that activity: callback removal, file protection mechanisms, and tampering with ETWTI (the ETW Threat Intelligence provider). It closes with a custom tool that gives defenders visibility into loaded kernel drivers, their registered callbacks, their imports, and IRP hooks, presented through code walkthroughs and live demos.
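The IRP-hook check at the core of the defensive tool described above comes down to one question: does every entry in a driver's MajorFunction dispatch table resolve into that driver's own image (or into the kernel image, where unhandled majors default to nt!IopInvalidDeviceRequest)? The following is an added user-mode C example written for this page, not the speaker's tool or any code from the talk. It models a loaded-module list and a DRIVER_OBJECT with constructed addresses (all values are made up; the module names, bases and the handler address stand in for what a kernel driver would read from PsLoadedModuleList and the real DRIVER_OBJECT) and flags dispatch entries that point into a foreign driver or into memory backed by no image at all.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Number of IRP_MJ_* dispatch slots in a DRIVER_OBJECT (0x00..0x1b). */
#define IRP_MJ_SLOTS 0x1c

/* One loaded kernel module, as a driver would enumerate from PsLoadedModuleList.
 * Values used below are constructed for the example, not real addresses. */
typedef struct {
    const char *name;
    uint64_t base;
    uint64_t size;
} kmodule_t;

/* Minimal stand-in for DRIVER_OBJECT: owner name plus MajorFunction[] table. */
typedef struct {
    const char *name;
    uint64_t major_function[IRP_MJ_SLOTS];
} driver_obj_t;

/* Return the module whose image contains addr, or NULL if none does. */
static const kmodule_t *module_for(const kmodule_t *mods, size_t n, uint64_t addr)
{
    for (size_t i = 0; i < n; i++)
        if (addr >= mods[i].base && addr < mods[i].base + mods[i].size)
            return &mods[i];
    return NULL;
}

/* IRP hook check: a MajorFunction entry is legitimate only if it resolves into
 * the driver's own image or into the kernel image (unhandled majors default to
 * nt!IopInvalidDeviceRequest). A pointer into another driver, or into memory
 * with no backing image such as pool-allocated shellcode, is flagged.
 * hooked[mj] is set to 1 for each suspicious slot; the count is returned. */
int find_irp_hooks(const driver_obj_t *drv, const kmodule_t *mods, size_t n,
                   const char *kernel_name, int hooked[IRP_MJ_SLOTS])
{
    int count = 0;
    for (int mj = 0; mj < IRP_MJ_SLOTS; mj++) {
        uint64_t target = drv->major_function[mj];
        const kmodule_t *owner = module_for(mods, n, target);
        int ok = owner && (strcmp(owner->name, drv->name) == 0 ||
                           strcmp(owner->name, kernel_name) == 0);
        hooked[mj] = !ok;
        if (!ok) {
            count++;
            printf("%s MajorFunction[0x%02x] -> 0x%016" PRIx64 " (%s)\n",
                   drv->name, mj, target,
                   owner ? owner->name : "no backing image");
        }
    }
    return count;
}

/* Constructed module snapshot: kernel, a benign storage driver, a rogue driver. */
static const kmodule_t sample_modules[] = {
    { "ntoskrnl.exe", 0xFFFFF80000000000ULL, 0x01000000ULL },
    { "disk.sys",     0xFFFFF80010000000ULL, 0x00020000ULL },
    { "evil.sys",     0xFFFFF80020000000ULL, 0x00008000ULL },
};
#define N_SAMPLE_MODULES (sizeof sample_modules / sizeof sample_modules[0])

/* Constructed DRIVER_OBJECT for disk.sys with two hooked dispatch entries. */
driver_obj_t sample_disk_driver(void)
{
    driver_obj_t d;
    d.name = "disk.sys";
    for (int mj = 0; mj < IRP_MJ_SLOTS; mj++)            /* default: kernel handler */
        d.major_function[mj] = 0xFFFFF80000123456ULL;    /* nt!IopInvalidDeviceRequest (made up) */
    d.major_function[0x00] = 0xFFFFF80010001000ULL;      /* IRP_MJ_CREATE: own image */
    d.major_function[0x0e] = 0xFFFFF80010002000ULL;      /* IRP_MJ_DEVICE_CONTROL: own image */
    d.major_function[0x03] = 0xFFFFF80020001000ULL;      /* IRP_MJ_READ hooked into evil.sys */
    d.major_function[0x04] = 0xFFFFA00012345000ULL;      /* IRP_MJ_WRITE hooked to pool memory */
    return d;
}

int main(void)
{
    driver_obj_t d = sample_disk_driver();
    int hooked[IRP_MJ_SLOTS];
    int n = find_irp_hooks(&d, sample_modules, N_SAMPLE_MODULES, "ntoskrnl.exe", hooked);
    printf("%d suspicious dispatch entries\n", n);
    return n ? 1 : 0;
}
```

In a real kernel driver the same range check is applied to the callback arrays (PspCreateProcessNotifyRoutine and friends) and to the import address table of each loaded module, which is how the tool can report callbacks and imports alongside IRP hooks. One caveat a practitioner will want: a benign driver can legitimately forward a major to a filter or to a different module it owns, so a flagged entry is a lead for inspection, not proof of a rootkit.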

Syllabus

Introduction
rootkit methodologies
dumping credentials
object callbacks
agent demo
detection
ETWTI
IRP Hooking

Taught by

x33fcon
