Search Evasion Techniques
Names, Techniques, Definitions, Keywords
Search Result
7 item(s) found so far for this keyword.
Tor Network C2 Network Evasion
Tor is a free and open-source network that enables anonymous communication. It uses a network of volunteer-operated servers, known as "relays," to route internet traffic in a way that conceals the user's location and usage from surveillance and traffic analysis. By routing traffic through multiple relays, Tor makes it difficult to trace internet activity back to the user.
Malware …
Peer to peer C2 Network Evasion
Peer-to-peer (P2P) botnets are a type of botnet that uses a decentralized network structure, without a central command and control (C&C) server. Each infected machine in a P2P botnet maintains a list of other trusted computers (including other infected machines), as well as information drop locations and locations where the malware can be updated. Some P2P botnets also use encryption …
C2 via Social Networks Network Evasion
Malware often relies on a communication channel with its operator in order to receive instructions and updates. This channel is known as a command and control (C&C or C2) channel. C&C channels can take various forms, such as internet relay chat (IRC), peer-to-peer protocols, and even social media. The use of C&C channels allows the operator to remotely control the …
Base64 Data Obfuscation
Base64 is a simple encoding scheme that is often used by malware to represent binary data in an ASCII string. This allows the malware to encode and transmit binary data, such as a payload or network traffic, in a way that is more compact and easier to transmit over text-based communication channels.
Base64 uses a 64-character alphabet to encode …
Caesar Cipher Data Obfuscation
The Caesar Cipher is a simple encoding algorithm that was used during the Roman Empire to hide secret messages. In this algorithm, each letter of the plaintext is replaced with a letter that is a fixed number of positions down the alphabet. For example, if the shift value is 3, then the letter "A" would be replaced with "D", "B" …
Constant Blinding Data Obfuscation
Constant blinding can be employed by malware authors to obfuscate their malicious code, making it harder for security researchers and antivirus software to detect and analyze the malware. By using constant blinding techniques, the malware code can be concealed, increasing its chances of evading detection and maintaining persistence on the target system.
Here's how constant blinding can be utilized …
FuncIn Antivirus/EDR Evasion Anti-Debugging Anti-Disassembly Anti-Forensic
FuncIn involves a payload staging strategy wherein the entire set of malicious functionalities is not contained within the malware file itself or any third-party file/network location (e.g., a web server). Instead, these functionalities are transmitted over the network by the Command and Control (C2) server when required.
This approach addresses three primary issues in malware development. Firstly, it mitigates …