Обсуждение AV KILLER

[zuna34]

We kill AB Windef, Sophos, Panda (SentilOne is temporarily not working, but it will be done again in the near future and it will work.

ahahah, the best way, to lose access + get fucked just use this

Kill the EDR and it will alert the SOC in seconds, that's the worst opsec move you can do to bypass EDR
it is like people who kill AV and say, they bypassed it

 

[zuna34]

не оно)
у нас готовое решение, которое пользуется спросом.

it doesnt matter, about your "ready made product", do you not know, the basics?, like i said above, killing an edr, is just going to get the soc, on you in seconds, and you'll be kicked off the network , XD , no matter what you use, even a vulnerable kernel driver, you kill any edr, say bye to net XD

 

[wav]

it doesnt matter, about your "ready made product", do you not know, the basics?, like i said above, killing an edr, is just going to get the soc, on you in seconds, and you'll be kicked off the network , XD , no matter what you use, even a vulnerable kernel driver, you kill any edr, say bye to net XD

there is such a concept. installation of software through the active directory. moron. ))))))))

 

[T1Crazy]

it doesnt matter, about your "ready made product", do you not know, the basics?, like i said above, killing an edr, is just going to get the soc, on you in seconds, and you'll be kicked off the network , XD , no matter what you use, even a vulnerable kernel driver, you kill any edr, say bye to net XD

You're talking shit buddy!"
There are payloads that no matter if it is obfuscated or not it will be detected at runtime because of its destructive nature as a Ransomware! It's a very common technique in high-level attacks to disable or kill the AV before executing the payload...

Don't talk too much if you know little!