MSFVENOM keep vs MSFVENOM non-keep vs BDF Cave Jumping
win32 BDF vs win64 BDF
Enterprise Mitigations
Progress on x64 Stager
Description:
Explore the intricacies of patching Windows executables with The Backdoor Factory in this DerbyCon 3.0 conference talk by Joshua Pitts. Delve into the world of executable patching, its history, and its relevance to security professionals. Learn about various patching methods, including the MS Method and Metasploit's approach. Gain insights into the Portable Executable Format and the Common Object File Format (COFF). Witness live demonstrations on finding code caves and prototyping shellcode. Discover how The Backdoor Factory (BDF) works and its evolution. Compare different attack scenarios and methods, including MSFVENOM and BDF Cave Jumping. Examine enterprise mitigations and the progress made on x64 stagers. This comprehensive talk covers everything from basic concepts to advanced techniques in Windows executable patching, making it valuable for both beginners and experienced security professionals.
Patching Windows Executables With The Backdoor Factory