When: Friday 14th August 2015
Where: CSIT Seminar Room, N101, CSIT Building, Building (108), North Road, ANU
Time: 6:00 PM
After Talks: Uni Pub, 17 London Circuit



AV Evasion - Ryan Catterall

Level: Intermediate

This talk will run through the basic methods you can use to prevent anti-virus from picking up common payloads, such as meterpreter or other shellcode, that professionals may need to execute during penetration testing engagements. It takes a high-level look at how AV works, how to defeat static signature detection and, more importantly, how to prevent heuristics from guessing the payload's malicious nature. Ryan will take you step by step through the C code, which will also allow you to put your own twist on AV avoidance after the talk.


Ryan has been working as a professional penetration tester for the last year and has conducted numerous engagements which have required the use of these techniques to gain a foothold in several organisations. This includes those protected by ESET and SEP, two of the more commonly seen enterprise vendors.

Tales from the trenches – How we responded to the Clandestine Wolf attack - Craig Hall

Level: Intermediate

Through some advanced techniques, good operational security and well-researched victims, the APT3 group have been successful in breaching a number of organizations over the years.

In this session, I will talk about how FireEye prepared for, detected and responded to the recent APT3 attack. 

We stopped them this time, but they will be back.


Craig Hall is a senior security analyst with a focus on APT incident response.

Craig has more than 10 years' experience in cybersecurity and system engineering, and over that time has developed strong insights into security operations and best practices. In this time, Craig has responded to multiple state-sponsored APT campaigns and has worked to proactively improve the security posture of those involved.

Craig joined FireEye’s Managed Defense team (now FireEye as a Service) in 2014 and has supported operations in Sydney, Singapore, Washington DC and California.

Prior to joining the FireEye team, Craig held positions within Computer Science Corporation’s Security Operations Centre and Fujitsu’s Managed Security offering.

Craig holds certifications from TAFE NSW and industry vendors. 


When | Title | Speaker | Materials
Friday 14th August 2015 | AV Evasion | Ryan Catterall | Not available
Friday 14th August 2015 | Tales from the trenches – How we responded to the Clandestine Wolf attack | Craig Hall | Not available
