Snippet List

Technique	Language	Author	Creation Date
WMI Event Subscriptions	PowerShell	1d8	3 months, 2 weeks
Adding antivirus exception	Python	Malfav.Win32	4 months, 4 weeks
System Binary Proxy Execution: Rundll32	Delphi	DarkCoderSc	5 months, 2 weeks
Removing Commands from SELinux Audit Logs	bash	Unprotect	6 months
Deleting Troubleshoot Information and Core Dumps	bash	Unprotect	6 months
Manipulating Debug Logs	bash	Unprotect	6 months
XProtect Encryption Abuse	Python		6 months, 1 week
kernel flag inspection via sysctl	Python	fr0gger	6 months, 1 week
Exfiltration via SMTP	C#	Tasdir	6 months, 1 week
XBEL Recently Opened Files Check	Python	1d8	6 months, 1 week
Virtualization/Sandbox Evasion: User Activity Based Checks	Python	1d8	7 months, 1 week
Default Windows Wallpaper Check	Golang	1d8	7 months, 2 weeks
Abusing the Return Pointer	Assembly	0x_ror	7 months, 3 weeks
Impossible Disassembly	Rust	Gelven	7 months, 3 weeks
Detecting Virtual Environment Process	C++	0x_ror	7 months, 4 weeks
Process Argument Spoofing	Python	Wietze	8 months
Process Argument Spoofing	C	Wietze	8 months
Event Triggered Execution: Linux Inotify	Python	1d8	8 months
API Hammering	C++	0x_ror	8 months
Replication Through Removable Media	Python	1d8	9 months
QEMU CPU brand evasion	C++	kernelwernel	10 months, 2 weeks
bochs CPU oversights evasion	C++	kernelwernel	10 months, 2 weeks
Impair Defenses: Disable Windows Event Logging	PowerShell	0x0d4y	11 months
Impair Defenses: Disable Windows Event Logging	bash	0x0d4y	11 months
AppInit DLL Injection	C	1d8	11 months
Hide Artifacts: Hidden Window	C	1d8	11 months
VboxEnumShares	C++	HoIIovv	11 months
Odd Thread Count	C++	kernelwernel	11 months
Hyper-V Signature	C++	kernelwernel	11 months
NtDelayExecution	C	d4rksystem	11 months

Filter

User

Language

Clear