DEF CON Safe Mode Red Team Village - Leron Gray - Bypass Python 38 Audit Hooks or Nah?
About this talk
Python 3.8, released October 2019, boasts a new security feature called “audit hooks”. According to PEP 578 and PEP 551, the purpose of audit hooking is to allow transparency into Python’s runtime so that events can be monitored and logged just like any other process. While additional insight is great for defenders, it's likely to become another hurdle for attackers to overcome in the same vein as PowerShell. Y'all tryna bypass these audit hooks or nah? Come through.
Topics covered
Stay Updated
Get notified about new features and conference additions.
