Captain Hook: Pirating AVs to Bypass Exploit Mitigations

by Udi Yavo, Tomer Bitton
Sept. 15, 2017 1 comment belen_caty Pen Testing & Audits avs

In this talk we'll survey the different vulnerabilities, and deep dive into a couple of those. In particular, we'll take a close look at a vulnerability appearing in the most popular commercial hooking engine of a large vendor. This vulnerability affects the most widespread productivity applications and forced the vendor to not only fix their engine, but also that their customers fix their applications prior to releasing the patch to the public. Finally, we'll demonstrate how security tools can be used as an intrusion channel for threat actors, ironically defeating security measures.

Steven Ulm 6 months ago

Even if the title is funny and catch, I really like that the article itself is well researched and very objective.