Home

Ebook

Evading Detection: From Inception to Reality

Evading Detection: From Inception to Reality

Pentera
Pages 11 Pages

Pentera Labs researched techniques to bypass Antivirus and Endpoint Detection & Response by handling dependencies in fileless attacks. Using reflective loading, they ran tools like Mimikatz while evading Windows Defender by encrypting payloads until execution and loading DLLs from memory. Challenges included handling DLL forwarding and ApiSet redirections, which were solved by preloading DLLs and redirecting API imports. This allowed stealthy loading of unhooked DLL copies, bypassing EDR hooks. Suggested defenses include stronger memory scanning, syscall validation, randomized tables, mutexes in system DLLs, and moving ApiSet data to kernel mode.

Join for free to read

You Might Also Like


Augmented reality (AR)
Report Augmented reality (AR)
Xpert Digital

2022 Threat Detection Report
Report 2022 Threat Detection Report
Red Canary

McKinsey Technology Trends Outlook 2022 Immersive-reality technologies
Report McKinsey Technology Trends Outlook 2022 Immersive-reality…
McKinsey & Company

Digital Reality Primer
White Paper Digital Reality Primer
Deloitte

More from Pentera


GUIDE TO CTEM ADOPTION
Guide GUIDE TO CTEM ADOPTION
Pentera

Pentera Credential Exposure Tests for Cyber Identity Risks From Stolen of Leaked Credentials
Ebook Pentera Credential Exposure Tests for Cyber Identity Risks From…
Pentera

Not Another WebLogic Exploitation: The Road to Post Exploitation
Ebook Not Another WebLogic Exploitation: The Road to Post Exploitation
Pentera

Hibank Strengthens Cyber Resilience with Continuous Security Validation
Case Study Hibank Strengthens Cyber Resilience with Continuous Security…
Pentera
© 2025 Contentree.  All Rights Reserved   |   Privacy and Cookies   |   Legal   |   Do not sell my info