BYOVD: Leveraging Raw Disk Reads to Bypass EDR
Interesting write-up on using vulnerable drivers to read the raw disk of a Windows system and extract files without ever touching those files directly. This subsequently allows the reading of sensitive files, such as the SAM.hive, SYSTEM.hive, and NTDS.dit, while also completely avoiding detection from EDR.
#cybersecurity #infosec #hacking #malware #redteam
https://medium.com/workday-engineering/leveraging-raw-disk-reads-to-bypass-edr-f145838b0e6d