EDR Evasion Extravaganza

Let the EDR Evasion Extravaganza Begin!! This quarter we will be looking at bypassing/finding bugs in EDR solutions. We will have a standard windows domain with multiple VMs for each EDR solution. We will also have access to any SOC alerts generated during the event. Everyone will have access to user accounts, local admin accounts, and domain admin accounts.

The following solutions will be available to test against, with more added if we have time:

FireEye/Trellix (Helix)

Never been on a network with Cylance deployed? Here's your chance. Couldn't finish your payload modifications before the engagement ended? Now you can! Got an upcoming engagement and want to test your tool set? We've got you covered! This event is for all skill levels! Don't let imposter syndrome prevent you from attending. We do ask that you come prepared to learn and contribute.

What to bring:

- Laptop is required!
- Your best Windows Red Team Payloads

3106 Commerce St.
Dallas, TX 75226

What to bring:

  COVID-19 vaccination required
  Event will be indoors

  Be vaccinated or don't come.  Masking HIGHLY recommended, but not enforced.