Roll for Stealth: Evading AV/EDR Entropy Checks

Evading detection by modern AV & EDR can seem daunting and near impossible to the uninitiated. If the idea of trying to get a payload past these defenses seems unattainable and too “l337,” then this talk is for you! I’ll discuss what entropy is and how AV & EDR use entropy to detect payloads. I’ll cover some basic concepts and tools you can use to start evading detection and get your payloads running. Stick around to the end to learn about a new tool for hiding shellcode and defeating entropy checks!

Mike Saunders, Principal Consultant, Red Siege

Mike Saunders has over 25 years of experience in IT and security and has worked in the ISP, financial, insurance, and agribusiness industries. He has held a variety of roles in his career including system and network administration, development, and security architect. Mike has been performing penetration tests for a decade. Mike is an experienced speaker and has spoken at DerbyCon, Wild West Hackin’ Fest, regional BSides conferences, the NDSU Cyber Security Conference, and SANS and Red Siege webcasts.