Technique List
| Technique Name | Technique ID's | Categories | Has Snippet(s) | Has Rules(s) | Creation Date |
|---|---|---|---|---|---|
| Access Token Manipulation: Create Process with Token | T1134.002 | Defense Evasion [Mitre] | 1 month, 4 weeks | ||
| Access Token Manipulation: Token Impersonation/Theft | T1134.001 | Defense Evasion [Mitre] | 1 month, 4 weeks | ||
| Homograph Attack (Punycode) | U0909 | Network Evasion | 2 months, 1 week | ||
| Domain Fronting | U0908 T1090.004 | Defense Evasion [Mitre], Network Evasion | 2 months, 1 week | ||
| Milfuscator | U1429 | Packers | 3 months | ||
| Dirty Vanity | U1242 | Process Manipulating | 3 months, 1 week | ||
| Mark-Of-The-Web (MOTW) Bypass | U0517 | Antivirus/EDR Evasion | 5 months, 1 week | ||
| Tamper DLL Export Names & GetProcAddress Spoofing | U1241 | Process Manipulating | 7 months, 2 weeks | ||
| Hijack Execution Flow: DLL Search Order Hijacking | T1574.001 | Defense Evasion [Mitre] | 8 months | ||
| DLL Proxying | U1240 | Process Manipulating | 8 months | ||
| Change Module Base Address at Runtime | U1239 | Process Manipulating | 8 months, 1 week | ||
| Change Module Name at Runtime | U1238 | Process Manipulating | 8 months, 1 week | ||
| FLIRT Signatures Evasion | U0220 | Anti-Disassembly | 8 months, 4 weeks | ||
| Windows Event Log Evasion via Native APIs | U0307 | Anti-Forensic | 9 months | ||
| Trap Flag | U0131 | Anti-Debugging | 9 months, 1 week | ||
| ICE 0xF1 | U0130 | Anti-Debugging | 9 months, 1 week | ||
| INT 0x2D | U0129 B0001.006 | Anti-Debugging | 9 months, 1 week | ||
| BobSoft Mini Delphi Packer | U1428 | Packers | 9 months, 1 week | ||
| CryptOne | U1427 | Packers | 9 months, 1 week | ||
| CloudEye/DarkEye | U1426 | Packers | 9 months, 1 week | ||
| NLS Code Injection Through Registry | U1237 | Process Manipulating | 9 months, 1 week | ||
| DTPacker | U1416 | Packers | 9 months, 1 week | ||
| PESpin | U1425 | Packers | 9 months, 1 week | ||
| theArk | U1424 | Packers | 9 months, 1 week | ||
| .Net Reactor | U1423 | Packers | 9 months, 1 week | ||
| .Net Anti-Decompiler | U1422 | Packers | 9 months, 1 week | ||
| Obsidium | U1421 | Packers | 9 months, 1 week | ||
| AxProtector | U1420 | Packers | 9 months, 1 week | ||
| PELock | U1419 | Packers | 9 months, 1 week | ||
| hXOR Packer | U1418 | Packers | 9 months, 1 week |