Evading Autoruns, or: don’t rely solely on Autoruns for security

Discussion in 'Guides' started by RGiskardR, Nov 6, 2017.

  1. RGiskardR

    RGiskardR Malware Tester Silver Member

    [​IMG]
    Autoruns is a popular program for Windows to analyze all the different files, programs, and other items that run on system startup.

    It is probably the most used tool for that purpose, and includes lots of nice to have features such as scanning files on Virustotal, hiding Microsoft entries, or management of autorun files to disable or delete items directly from within the program.

    Evading Autoruns is a research paper by Kyle Hanslovan and Chris Bisnett from Huntress that reveals multiple evasion methods that malicious users could make use of to hide activities on the computer or in a network.

    Full source: https://www.ghacks.net/2017/11/05/evading-autoruns-or-dont-rely-solely-on-autoruns-for-security/

    PDF: https://github.com/huntresslabs/evading-autoruns/blob/master/Evading_Autoruns_Slides.pdf
     
    silversurfer likes this.
  2. Google Adsense

Share This Page