Think your antivirus or EDR can stop everything? Think again! In this video, we’re diving into a wild new way to bypass endpoint detection using Electron apps like Microsoft Teams and VS Code. Meet Loki—a slick C2 tool built by IBM X-Force Red’s red team legend, Bobby Cooke. We’ll break down what Electron apps are, how they run JavaScript to sneak past defences, and even demo the trick with a simple animation. Stick around to see how it all works—and don’t miss the link to Bobby’s blog for the deep dive!
Also note: this video is to show how to get Loki running, and in the video we use it on Windows Defender Antivirus. However, it has been tested against full-blown EDRs and has withstood testing in enterprise environments. This is a solid way of bypassing EDR in 2025.
⚠ Disclaimer: This is for educational purposes only. Only test this on systems you own or have permission to use. Happy hacking, and let’s make the world more secure together!
🔗 Check out Bobby’s blog: https://www.ibm.com/think/x-force/bypassing-windows-defender-application-control-loki-c2