AV Bypass

Evasion is not a primary focus for this course!

However, we use basic OPSEC measures to bypass default defense mechanisms such as Windows Defender, AMSI, and Enhanced PowerShell Logging.

We will use tools like InvisibilityCloak for source code obfuscation, and perform minimal obfuscation and/or binary obfuscation using ConfuserEx.

On cb ws x, an exclusion has been added in Defender for the folder C:\ADCS.

We have already obfuscated some tools needed for on-disk execution and have placed them in the C:\ADCS\Tools\ObfuscatedTools folder on cb ws x.
