Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.


Evasion Techniques for Elastic EDR During Lateral Movement

1 min read

🎭 Techniques for Evading Elastic EDR During Lateral Movement Explored. The article details a practical approach to bypassing Elastic Endpoint Detection and Response (EDR) while moving laterally between two machines, WKSTN-1 and WKSTN-2, both running EDR agents. The author walks through several evasion techniques, such as altering file extensions and modifying payloads to avoid detection alerts. Key steps include renaming a loader's extension to .png for the file transfer and then to .scr for execution, in both cases without triggering alerts. The process culminates in a beacon established on WKSTN-2, which the author presents as evidence that these methods are effective against Elastic EDR. The article is aimed at security professionals interested in understanding EDR limitations and lateral movement tactics.
