Session
Offensive TradeCraft: Syscalls to StackSpoofing!
This workshop shares our experience of using advanced evasion techniques to bypass different Endpoint Detection and Response (EDR) systems. We start with the basics of Windows internals (PEB, TEB, WinAPI, etc.) with process injection examples.
Next, participants receive a primer on Endpoint Detection and Response systems and how they perform user-mode hooking. We then focus on how the NT APIs work and delve into syscall concepts.
From here, we start creating implants based on syscalls and move on to more advanced maldev techniques, such as custom call stack usage, stack spoofing, etc. We also show how to detect these types of implants. The workshop helps individuals upskill both their maldev and their defensive skills.