• Home
  • Search
  • Map
  • Scan
  • Resources
    • Technique List
    • Snippet List
    • Detection Rule List
    • Featured Evasion API List
    • Contributors
    • Scanned Samples
  • Tools
  • About
  • API
    • Unprotect API
    • API Documentation
  • Avatar Login

Search Evasion Techniques

Names, Techniques, Definitions, Keywords

Clear

Search Result

5 item(s) found so far for this keyword.

Rootkit Defense Evasion [Mitre]

Adversaries may use rootkits to hide the presence of programs, files, network connections, services, drivers, and other system components. Rootkits are programs that hide the existence of malware by intercepting/hooking and modifying operating system API calls that supply system information.

Rootkits or rootkit enabling functionality may reside at the user or kernel level in the operating system or lower, …

Inline Hooking Process Manipulating

Inline hooking is a technique used to intercept calls to target functions. It is commonly used by antiviruses, sandboxes, and malware to perform a variety of tasks, such as checking parameters, shimming, logging, spoofing returned data, and filtering calls.

The process of inline hooking involves directly modifying the code within the target function, usually by overwriting the first few …

Pre-OS Boot: System Firmware Defense Evasion [Mitre]

Adversaries may modify system firmware to persist on systems.The BIOS (Basic Input/Output System) and The Unified Extensible Firmware Interface (UEFI) or Extensible Firmware Interface (EFI) are examples of system firmware that operate as the software interface between the operating system and hardware of a computer.

System firmware like BIOS and (U)EFI underly the functionality of a computer and may …

IAT Hooking Process Manipulating

IAT hooking is a way to run malicious code by modifying the Import Address Table of a specific executable. Consisting of replacing one legitimate function from imported DLL by a malicious one.

IAT hooking and inline hooking are generally known as userland rootkits. IAT hooking is a technique that malware uses to change the import address table. When a …

Impair Defenses: Disable or Modify Tools Defense Evasion [Mitre]

Adversaries may modify and/or disable security tools to avoid possible detection of their malware/tools and activities. This may take many forms, such as killing security software processes or services, modifying / deleting Registry keys or configuration files so that tools do not operate properly, or other methods to interfere with security tools scanning or reporting information. Adversaries may also disable …

The #UnprotectProject is brought to you by 🇫🇷 fr0gger_ and 🇫🇷 DarkCoderSc

Terms And Conditions | Cookie Policy | Cookies preferences | GDPR

Contribute Now