
Search Result

5 item(s) found so far for this keyword.

Hijack Execution Flow: COR_PROFILER Defense Evasion [Mitre]

Adversaries may leverage the COR_PROFILER environment variable to hijack the execution flow of programs that load the .NET CLR. COR_PROFILER is a .NET Framework feature that allows developers to specify an unmanaged (that is, external to .NET) profiling DLL to be loaded into each .NET process that loads the Common Language Runtime (CLR). These profilers are designed to monitor, troubleshoot, …

Trusted Developer Utilities Proxy Execution: MSBuild Defense Evasion [Mitre]

Adversaries may use MSBuild to proxy execution of code through a trusted Windows utility. MSBuild.exe (Microsoft Build Engine) is a software build platform used by Visual Studio. It handles XML formatted project files that define requirements for loading and building various platforms and configurations.

Adversaries can abuse MSBuild to proxy execution of malicious code. The inline task capability of MSBuild …

ConfuserEx Packers

ConfuserEx is an open-source protector for .NET applications. It is the successor to the Confuser project.

  • Supports .NET Framework 2.0/3.0/3.5/4.0/4.5/4.6/4.7/4.8

  • Symbol renaming (Support WPF/BAML)

  • Protection against debuggers/profilers

  • Protection against memory dumping

  • Protection against tampering (method encryption)

  • Control flow obfuscation

  • Constant/resources encryption

  • Reference hiding proxies

  • Disable decompilers

  • Embedding dependency

  • Compressing output

Alternate EXE Packer Packers

EXE Packer can compress executable files (type EXE) or DLL files. Already compressed files can also be decompressed with this program. There are 12 different levels of file compression. The program can also create backups of the files that are to be compressed.

If a file is compressed, the physical file size is reduced on the respective device. A compressed …

Tor Network C2 Network Evasion

Tor is a free and open-source network that enables anonymous communication. It uses a network of volunteer-operated servers, known as "relays," to route internet traffic in a way that conceals the user's location and usage from surveillance and traffic analysis. By routing traffic through multiple relays, Tor makes it difficult to trace internet activity back to the user.

Malware can …

Made with in 🇫🇷 © 2023. The #UnprotectProject
