• Home
  • Search
  • Map
  • Scan
  • Resources
    • Technique List
    • Snippet List
    • Detection Rule List
    • Featured Evasion API List
    • Contributors
    • Scanned Samples
  • Tools
  • About
  • API
    • Unprotect API
    • API Documentation
  • Avatar Login

Search Evasion Techniques

Names, Techniques, Definitions, Keywords

Clear

Search Result

24 item(s) found so far for this keyword.

AsPack Packers

ASPack is an EXE packer created to compress Win32 executable files and to protect them against reverse engineering.

The solution makes Windows programs and libraries smaller up to 70% what leads to a reduction in the download time of compressed applications in local networks and the Internet because of their smaller size compared to uncompressed apps.

The ASPack …

PEtite Packers

Petite is a free Win32 (Windows 95/98/2000/NT/XP/Vista/7/etc) executable (EXE/DLL/etc) compressor. The compressed executables decompress themselves at run time and can be used just like the original non-compressed versions.

Petite also adds virus detection to the compressed executables; they will check themselves for infection every time they are executed.

Crinkler Packers

Crinkler is a compressing linker for Windows, specifically targeted towards executables with a size of just a few kilobytes.

PECompact Packers

PECompact is a Windows executable compressor. It has a plugin system that offers virtually customization.

AsProtect Packers

ASProtect is a multifunctional EXE packing tool designed for software developers to protect 32-bit applications with in-built application copy protection system.

It includes software compression, provides protection methods and tools for software from unauthorized copying, analysis, disassemblers and debuggers.

ASProtect 32 also provides enhanced work with registration keys and the ability to create a single application that can …

ConfuserEx Packers

ConfuserEx is a open-source protector for .NET applications. It is the successor of Confuser project. It's primarily designed to make reverse engineering difficult for applications written in .NET languages like C# and VB.NET. ConfuserEx does this by using a variety of techniques like symbol renaming, control flow obfuscation, and encryption of strings and resources.

  • Supports .NET …

hXOR Packer Packers

hXOR Packer is a PE (Portable Executable) packer with Huffman Compression and Xor encryption.

The unpacker will decompress and decrypt the packed PE and execute it directly from memory without needing any hard disk space to execute.

theArk Packers

Packer tool developed in C/C++. Full implementation of the linker, dynamic decompression and spraying in memory to complete file mapping.

PESpin Packers

PESpin is a Windows executable files protector, compressor coded in Win32ASM using MASM. Overall, this application will enable the compression of the entire executable - code, data, and resources, thus leaving the file protected against patching or disassembling.

Hide Artifacts: VBA Stomping Defense Evasion [Mitre]

Adversaries may hide malicious Visual Basic for Applications (VBA) payloads embedded within MS Office documents by replacing the VBA source code with benign data.

MS Office documents with embedded VBA content store source code inside of module streams. Each module stream has a PerformanceCache that stores a separate compiled version of the VBA source code known as p-code. The …

  • 1
  • 2
  • 3

The #UnprotectProject is brought to you by 🇫🇷 fr0gger_ and 🇫🇷 DarkCoderSc

Terms And Conditions | Cookie Policy | Cookies preferences | GDPR

Contribute Now