Technique List
Technique Name | Technique ID's | Categories | Snippet(s) | Rules(s) | OS | Creation Date |
---|---|---|---|---|---|---|
Domain Policy Modification: Group Policy Modification | T1484.001 | Defense Evasion [Mitre] | 1 year, 9 months | |||
Access Token Manipulation: SID-History Injection | T1134.005 | Defense Evasion [Mitre] | 1 year, 9 months | |||
Access Token Manipulation: Make and Impersonate Token | T1134.003 | Defense Evasion [Mitre] | 1 year, 9 months | |||
Access Token Manipulation: Create Process with Token | T1134.002 | Defense Evasion [Mitre] | 1 year, 9 months | |||
Access Token Manipulation: Token Impersonation/Theft | T1134.001 | Defense Evasion [Mitre] | 1 year, 9 months | |||
Homograph Attack (Punycode) | U0909 | Network Evasion | 1 year, 9 months | |||
Domain Fronting | U0908 T1090.004 | Network Evasion, Defense Evasion [Mitre] | 1 year, 9 months | |||
Milfuscator | U1429 | Packers | 1 year, 10 months | |||
Dirty Vanity | U1242 | Process Manipulating | 1 year, 10 months | |||
Mark-Of-The-Web (MOTW) Bypass | U0517 | Antivirus/EDR Evasion | 2 years | |||
Tamper DLL Export Names & GetProcAddress Spoofing | U1241 | Process Manipulating | 2 years, 3 months | |||
Hijack Execution Flow: DLL Search Order Hijacking | T1574.001 | Defense Evasion [Mitre] | 2 years, 3 months | |||
DLL Proxying | U1240 | Process Manipulating | 2 years, 3 months | |||
Change Module Base Address at Runtime | U1239 | Process Manipulating | 2 years, 3 months | |||
Change Module Name at Runtime | U1238 | Process Manipulating | 2 years, 3 months | |||
FLIRT Signatures Evasion | U0220 | Anti-Disassembly | 2 years, 4 months | |||
Windows Event Log Evasion via Native APIs | U0307 | Anti-Forensic | 2 years, 4 months | |||
Trap Flag | U0131 | Anti-Debugging | 2 years, 4 months | |||
ICE 0xF1 | U0130 | Anti-Debugging | 2 years, 4 months | |||
INT 0x2D | U0129 B0001.006 | Anti-Debugging | 2 years, 4 months | |||
BobSoft Mini Delphi Packer | U1428 | Packers | 2 years, 4 months | |||
CryptOne | U1427 | Packers | 2 years, 4 months | |||
CloudEye/DarkEye | U1426 | Packers | 2 years, 4 months | |||
NLS Code Injection Through Registry | U1237 | Process Manipulating | 2 years, 4 months | |||
DTPacker | U1416 | Packers | 2 years, 4 months | |||
PESpin | U1425 | Packers | 2 years, 4 months | |||
theArk | U1424 | Packers | 2 years, 4 months | |||
.Net Reactor | U1423 | Packers | 2 years, 4 months | |||
.Net Anti-Decompiler | U1422 | Packers | 2 years, 4 months | |||
Obsidium | U1421 | Packers | 2 years, 4 months |