Technique List

Technique Name Technique ID's Categories Has Snippet(s) Has Rules(s) Creation Date
Obscuring Control Flow U0212 Anti-Disassembly 4 years, 6 months
Abusing the Return Pointer U0213 Anti-Disassembly 4 years, 6 months
Obscuring Control Flow Using Pointers U0214 Anti-Disassembly 4 years, 6 months
Spaghetti, Junk Code U0215 Anti-Disassembly 4 years, 6 months
Control Flow Graph Flattening U0216 Anti-Disassembly 4 years, 6 months
API Obfuscation U0217 B0032.001 Anti-Disassembly 4 years, 6 months
INT3 Instruction Scanning U0105 B0001.025 Anti-Debugging 4 years, 6 months
Interrupts U0106 Anti-Debugging 4 years, 6 months
Performing Code Checksum U0107 Anti-Debugging 4 years, 6 months
Unhandled Exception Filter U0108 B0001.030 Anti-Debugging 4 years, 6 months
Bad String Format U0104 Anti-Debugging 4 years, 6 months
TLS Callback U0124 Anti-Debugging 4 years, 6 months
Detecting Running Process: EnumProcess API U0109 U0405 U1306 Sandbox Evasion, Anti-Monitoring, Anti-Debugging 4 years, 6 months
Detecting Window with FindWindow API U0406 U0123 Anti-Monitoring, Anti-Debugging 4 years, 6 months
GetLocalTime, GetSystemTime, timeGetTime, NtQueryPerformanceCounter U0110 U1308 B0001.28 Sandbox Evasion, Anti-Debugging 4 years, 6 months
GetTickCount U0125 B0001.032 Anti-Debugging 4 years, 6 months
RDTSC U0126 Anti-Debugging 4 years, 6 months
NtGlobalFlag U0111 B0001.036 Anti-Debugging 4 years, 6 months
Heap Flag U0112 B0001.021 Anti-Debugging 4 years, 6 months
IsDebugged Flag U0113 B0001.019 Anti-Debugging 4 years, 6 months
CloseHandle, NtClose U0114 B0001.003 Anti-Debugging 4 years, 6 months
CsrGetProcessID U0115 Anti-Debugging 4 years, 6 months
EventPairHandles U0116 Anti-Debugging 4 years, 6 months
OutputDebugString U0117 B0001.016 Anti-Debugging 4 years, 6 months
NtQueryObject U0118 B0001.013 Anti-Debugging 4 years, 6 months
NtSetInformationThread U0119 B0001.014 Anti-Debugging 4 years, 6 months
NtQueryInformationProcess U0120 B0001.012 Anti-Debugging 4 years, 6 months
CheckRemoteDebuggerPresent U0121 B0001.002 Anti-Debugging 4 years, 6 months
IsDebuggerPresent U0122 B0001.008 Anti-Debugging 4 years, 6 months
Fake Signature U0506 Antivirus/EDR Evasion 4 years, 6 months
Filter
Clear