About this Event
Marcus Sellebjerg will go through different malware development practices, focusing on AMSI bypasses and how hackers around circumvent the AMS security solution.
What to Expect:
- A step-by-step walkthrough of AMSI’s role in the Windows OS
- Insights into real-world techniques cybercriminals use to bypass AMSI
- Hands-on time to explore these techniques yourself!
AMSI (Antimalware Scan Interface) is a Windows security feature designed to help detect and block malicious code. It acts as a bridge between applications and antivirus software, allowing security tools to scan code as it’s being executed, particularly scripts from sources like PowerShell, VBScript, and JavaScript. AMSI works by exposing suspicious code to antivirus software for analysis in real-time, aiming to catch threats before they can execute harmful actions. Its primary purpose is to improve detection rates for fileless malware and script-based attacks, making it an important layer in Windows’ defense against modern cyber threats.
Whether you’re a beginner or just looking to level up your skills, this session will equip you with a critical understanding of AMSI and the creative tactics hackers use to circumvent it.
During the event the participants will acquire the necessary understanding of how AMSI operates in the windows operative system, and how hackers and cyber criminals utilises malware techniques to circumvent and execute malicious software through Anti Virus solutions.
Time will be permitted, in which participants can try the techniques hands on. The only pre-requisite is a windows installation.
At some point there will also be served some food🍕
If you want to join the 0-Day Aarhus cybersecurity community, head over to our Dicord channel: https://discord.gg/NkESPQMeZ3
Event Venue & Nearby Stays
Helsingforsgade 14, 14 Helsingforsgade, Arhus, Denmark
USD 0.00
