A newly disclosed red-team tool dubbed “EDRChoker” is drawing attention across the cybersecurity community for its novel approach to disrupting Endpoint Detection and Response (EDR) visibility by abusing Windows Policy-based Quality of Service (quality of service). Unlike traditional EDR evasion techniques that rely on firewall manipulation or Windows Filtering Platform (WFP) rule injection, EDRChoker operates […]

The post EDRChoker Tool Abuses Windows QoS Policies to Disrupt Endpoint Security Tools appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/edrchoker-tool-abuses-windows-qos-policies/