Identifier: LBQDEB
Description:
- “Detecting, Deobfuscating, and Preventing Obfuscated Script Execution with Tree‑sitter”
- Discusses obfuscation in PowerShell, Python, and JavaScript.
- Explains AMSI bypasses and detection challenges.
- Demonstrates custom AMSI provider DLL using tree‑sitter parsing.
- Showcases automated detection of AMSI bypass attempts and obfuscated payloads.
Location & Metadata:
- Location: Breaking Ground, Florentine A
- Date/Time: Monday, 18:00–18:45
- Speaker: David McDonald
