Technique List

Technique Name Technique ID's Categories Has Snippet(s) Has Rules(s) Creation Date
Hijack Execution Flow: Executable Installer File Permissions Weakness T1574.005 Defense Evasion [Mitre] 1 year, 2 months
Hijack Execution Flow: DLL Side-Loading T1574.002 Defense Evasion [Mitre] 1 year, 2 months
Hide Artifacts: Process Argument Spoofing T1564.010 Defense Evasion [Mitre] 1 year, 2 months
Hide Artifacts: Email Hiding Rules T1564.008 Defense Evasion [Mitre] 1 year, 2 months
Hide Artifacts: VBA Stomping T1564.007 Defense Evasion [Mitre] 1 year, 2 months
Hide Artifacts: Run Virtual Instance T1564.006 Defense Evasion [Mitre] 1 year, 2 months
Hide Artifacts: Hidden File System T1564.005 Defense Evasion [Mitre] 1 year, 2 months
Hide Artifacts: NTFS File Attributes T1564.004 Defense Evasion [Mitre] 1 year, 2 months
Hide Artifacts: Hidden Window T1564.003 Defense Evasion [Mitre] 1 year, 2 months
Hide Artifacts: Hidden Users T1564.002 Defense Evasion [Mitre] 1 year, 2 months
Hide Artifacts: Hidden Files and Directories T1564.001 Defense Evasion [Mitre] 1 year, 2 months
Windows File and Directory Permissions Modification T1222.001 Defense Evasion [Mitre] 1 year, 2 months
Domain Member U1341 Sandbox Evasion 1 year, 2 months
CPU Counting U1340 B0009.018 Sandbox Evasion 1 year, 2 months
Return Address Spoofing U0518 Antivirus/EDR Evasion 1 year, 2 months
Avoiding Memory Scanners (Yara, Pe-sieve...) U1009 Others 1 year, 2 months
Domain Policy Modification: Domain Trust Modification T1484.002 Defense Evasion [Mitre] 1 year, 2 months
Domain Policy Modification: Group Policy Modification T1484.001 Defense Evasion [Mitre] 1 year, 2 months
Access Token Manipulation: SID-History Injection T1134.005 Defense Evasion [Mitre] 1 year, 2 months
Access Token Manipulation: Make and Impersonate Token T1134.003 Defense Evasion [Mitre] 1 year, 2 months
Access Token Manipulation: Create Process with Token T1134.002 Defense Evasion [Mitre] 1 year, 2 months
Access Token Manipulation: Token Impersonation/Theft T1134.001 Defense Evasion [Mitre] 1 year, 2 months
Homograph Attack (Punycode) U0909 Network Evasion 1 year, 3 months
Domain Fronting U0908 T1090.004 Network Evasion, Defense Evasion [Mitre] 1 year, 3 months
Milfuscator U1429 Packers 1 year, 3 months
Dirty Vanity U1242 Process Manipulating 1 year, 4 months
Mark-Of-The-Web (MOTW) Bypass U0517 Antivirus/EDR Evasion 1 year, 6 months
Tamper DLL Export Names & GetProcAddress Spoofing U1241 Process Manipulating 1 year, 8 months
Hijack Execution Flow: DLL Search Order Hijacking T1574.001 Defense Evasion [Mitre] 1 year, 8 months
DLL Proxying U1240 Process Manipulating 1 year, 8 months

Filter