Antivirus Bypass Techniques
Learn practical techniques and tactics to combat, bypass, and evade antivirus software
Nir Yehoshua Uriel Kosayev
BIRMINGHAM - MUMBAI
Copyright 2021 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Group Product Manager: Wilson Dsouza
Publishing Product Manager: Mohd Riyan Khan
Senior Editor: Rahul Dsouza
Content Development Editor: Sayali Pingale
Technical Editor: Sarvesh Jaywant
Copy Editor: Safis Editing
Project Coordinator: Ajesh Devavaram
Proofreader: Safis Editing
Indexer: Pratik Shirodkar
Production Designer: Alishon Mendonca
First published: June 2021
Production reference: 1180721
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.
ISBN 978-1-80107-974-7
www.packt.com
Recommendation
"Antiviruses have always been a hindrance for threat actors and red teamers. The book Antivirus Bypass Techniques illustrates various techniques that attackers can use to evade antivirus protection. This book is a must-read for red teamers."
Abhijit Mohanta, author of Malware Analysis and Detection Engineering and Preventing Ransomware
Contributors
About the authors
Nir Yehoshua is an Israeli security researcher with more than 8 years of experience in several information security fields.
His specialties include vulnerability research, malware analysis, reverse engineering, penetration testing, and incident response.
He is an alumnus of an elite security research and incident response team in the Israel Defense Forces.
Today, Nir is a full-time bug bounty hunter and consults for Fortune 500 companies, aiding them in detecting and preventing cyber-attacks.
Over the years, Nir has discovered security vulnerabilities in several companies, including FACEIT, Bitdefender, McAfee, Intel, Bosch, and eScan Antivirus, who have mentioned him in their Hall of Fame.
Special thanks to my mentor, Shay Rozen, for supporting this book in many ways. I've known Shay from my earliest days in the cybersecurity field and have learned a lot from him about security research, cyber intelligence, and red teaming. I can gladly say that Shay gave me the gift of the "hacker mindset," and for that I am grateful. Thanks, Shay; I'm honored to know you.
Uriel Kosayev is an Israeli security researcher with over 8 years of experience in the information security field. Uriel is also a lecturer who has developed courses in the cybersecurity field. Uriel has hands-on experience in malware research, reverse engineering, penetration testing, digital forensics, and incident response. During his army service, Uriel worked to strengthen an elite incident response team in both practical and methodological ways. Uriel is the founder of TRIOX Security, which today provides red team and blue team security services along with custom-tailored security solutions.
Big thanks to Yaakov (Yaki) Ben-Nissan for all of these years. Yaki is a great man with much passion and professionalism. These two characteristics make him who he is: a true hero and a true mentor. To me, you are more than just a mentor or teacher.
Thanks for always being there for me, with all my love and respect.
Reviewer
Andrey Polkovnichenko
Preface
This book was created based on two and a half years of researching different kinds of antivirus software.
Our goal was to understand and evaluate which antivirus software provides good endpoint protection, and to what extent. In our research we saw many interesting patterns and behaviors regarding antivirus software: how it is built, its inner workings, and its detection rates, or lack thereof.