How To Bypass Windows Defender with Nim Reverse Shell
- Published on 26 Sep 2024
- Is it possible to bypass Windows Defender and Elastic Security at the same time with a reverse shell written in Nim?
The best purple teaming series on YouTube with real hands-on learning for everyone!
For educational purposes only!
Subscribe and like for more!
Connect with me on LinkedIn: / howard-mukanda-24503144
Follow me on Twitter: / lahilabs
A simple reverse shell written in Nim that bypasses Windows Defender detection; find it here: github.com/Sn1...
Brilliant work mate, love to see more videos about Windows Defender bypass and threat hunting in Elasticsearch, Wazuh.
Thank you. This is fun stuff
Mate, this was exactly what I was looking for. Thank you!!!
Amazing buddy, never give up
Thank you, amazing video! One more thing: is it normal that after the exe execution, Defender detects the malware and saves the malware signature, and after that you cannot execute the file even if you remake another file with Nim? I thought Nim was there to bypass Defender every time.
How to implement this if my target is my remote (EC2 instance), do I put my Internet public IP on V1 since my Kali is within VMware on my Ubuntu?
Dope content man. Actually makes me open to trying out blue even though I’m red for life
How to set up Elastic with Defender? Can you please tell me?
Don't close any function of Microsoft Defender. And add some AVs, IDS, firewall on top of it and then bypass it
Exactly why I use simple wall
nice vid bro
Thank you
@ITSecurityLabs it is still working btw
I've seen some malware written in D. Languages such as Carbon, Zig, Haxe can be used. Could an AI help in these cases of detecting unconventional codes?
no.
How to bypass EDR
PowerShell not working?
No, PowerShell still works!
@ITSecurityLabs bro stable PowerShell connection any tools bypass in Windows Defender
@ITSecurityLabs but this tool working 💯
Sorry, but Windows Defender detects it!!!
This is of no use, I tell you that. Because he disabled half of the Windows Defender functions
Please tell me more. You mean disabling automatic sample submission? Because that’s all I disabled. Maybe you mean since it’s not domain joined and I have no AppLocker rules and PowerShell is not constrained? I genuinely want to know what you mean. I am learning as well and if there is a better way, I want that