BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.securitybsides.org.uk//bsides-london-2024//talk//WZX
 UTA
BEGIN:VTIMEZONE
TZID:GMT
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:GMT
TZOFFSETFROM:+0100
TZOFFSETTO:+0000
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T020000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:BST
TZOFFSETFROM:+0000
TZOFFSETTO:+0100
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsides-london-2024-WZXUTA@cfp.securitybsides.org.uk
DTSTART;TZID=GMT:20241214T100000
DTEND;TZID=GMT:20241214T104500
DESCRIPTION:Ever tried to get a callback from a client device only to be co
 ntinually thwarted by their EDR\, so you then have to ask for an exclusion
  to be placed on a specific folder? Join Red Teamer David Kennedy as he wa
 lks you through a novel way of approaching this conundrum by (ab)using tru
 sted binaries that EDR’s normally pay very little attention to. \n\nThis
  presentation will cover the execution of these trusted binaries on Window
 s as well as running them in ways that even the original developers haven
 ’t advertised as being possible via ‘undocumented features’ within t
 heir code! With these techniques\, struggling to get access to your client
 ’s infrastructure should hopefully become a thing of the past or at leas
 t until these binaries are no longer trusted!
DTSTAMP:20260609T052457Z
LOCATION:Clappy Monkey Track
SUMMARY:BYOTB - Bring Your Own Trusted Binary - David Kennedy
URL:https://cfp.securitybsides.org.uk/bsides-london-2024/talk/WZXUTA/
END:VEVENT
END:VCALENDAR