CloseHandle
Caution Level: Low
Techniques Count: 39
Library Name: Kernel32.dll
Read documentation through official Microsoft Developer Network (MSDN).
Featured in Techniques

| Technique Name | Technique IDs |
| --- | --- |
| Checking Specific Folder Name | U1331 |
| User Interaction (Are you human?) | U1339, E1204 |
| Parent Process Detection | U0404 |
| File Melt | U1007 |
| Thread Execution Hijacking | U1223, E1055.003 |
| EditWordBreakProc | U1229 |
| NTFS Files Attributes | U0501 |
| Breaking BaDDEr | U1201 |
| Listplanting | U1207 |
| ConsoleWindowClass | U1209 |
| Atom Bombing | U1220 |
| NLS Code Injection Through Registry | U1237 |
| RDTSC | U0126 |
| Detecting Online Sandbox | U1338 |
| Reflective DLL injection | U1224 |
| PE Injection | U1216, E1055.002 |
| IsDebugged Flag | U0113, B0001.019 |
| APC injection | U1221, E1055.004 |
| WordWarping | U1204 |
| DNS API Injection | U1202 |
| CLIPBRDWNDCLASS | U1203 |
| FLIRT Signatures Evasion | U0220 |
| Wiping or Encrypting | U0301 |
| Detecting Running Process: EnumProcess API | U0109, U0405, U1306 |
| Detecting Window with FindWindow API | U0406, U0123 |
| CloseHandle, NtClose | U0114, B0001.003 |
| Process Hollowing, RunPE | U1225, E1055.012 |
| ProcEnvInjection - Remote code injection by abusing process environment strings | U1235 |
| Kill Process | U0403 |
| OLEUM | U1206 |
| Treepoline | U1208 |
| Process Doppelgänging | U1215 |
| Access Token Manipulation: Parent PID Spoofing | U1234, T1134.004 |
| Indicator Removal: Timestomp | U0303, T1070.006 |
| SuspendThread | U0101, C0055 |
| Extra Window Memory Injection | U1219, E1055.011 |
| DLL Injection via CreateRemoteThread and LoadLibrary | U1226, E1055.001 |
| C2 via FTP(S) | U0910 |
| SMB / Named Pipes | U9011 |