|
Removing Commands from SELinux Audit Logs
|
bash
|
|
10 months, 3 weeks
|
|
Deleting Troubleshoot Information and Core Dumps
|
bash
|
|
10 months, 3 weeks
|
|
Manipulating Debug Logs
|
bash
|
|
10 months, 3 weeks
|
|
Disabling Antivirus
|
PowerShell
|
|
2 years, 9 months
|
|
Thread Execution Hijacking
|
C++
|
|
2 years, 10 months
|
|
Propagate
|
C++
|
|
2 years, 11 months
|
|
Ctrl+Inject
|
C++
|
|
2 years, 11 months
|
|
Inline Hooking
|
C++
|
|
2 years, 11 months
|
|
SIDT, Red Pill
|
C++
|
|
2 years, 11 months
|
|
LOLbins
|
cmd
|
|
2 years, 11 months
|
|
Unloading Sysmon Driver
|
C++
|
|
3 years
|
|
Parent Process Detection
|
C++
|
|
3 years
|
|
Thwarting Stack-Frame Analysis
|
C++
|
|
3 years
|
|
Misusing Structured Exception Handlers
|
C++
|
|
3 years
|
|
API Obfuscation
|
Python
|
|
3 years
|
|
Control Flow Graph Flattening
|
C++
|
|
3 years
|
|
Obscuring Control Flow Using Pointers
|
C++
|
|
3 years
|
|
Obscuring Control Flow
|
C++
|
|
3 years
|
|
Jump With Same Target
|
C++
|
|
3 years
|
|
Dynamically Computed Target Address
|
C++
|
|
3 years
|
|
Disassembly Desynchronization
|
C++
|
|
3 years
|
|
NOP Sled
|
C++
|
|
3 years
|
|
Call Trick
|
C++
|
|
3 years
|
|
Inserting Garbage Bytes
|
C++
|
|
3 years
|
|
Register Reassignment
|
Assembly
|
|
3 years
|
|
Code Transposition
|
C++
|
|
3 years
|
|
Opaque Predicate
|
C
|
|
3 years
|
|
Performing Code Checksum
|
Python
|
|
3 years
|
|
Interrupts
|
C++
|
|
3 years
|
|
DLL Proxying
|
Python
|
|
3 years
|
|
Hook Injection
|
Python
|
|
3 years
|
|
Hook Injection
|
C++
|
|
3 years
|
|
NLS Code Injection Through Registry
|
C++
|
|
3 years, 5 months
|
|
Indicator Removal: Timestomp
|
C
|
|
3 years, 5 months
|
|
Killing Windows Event Log
|
C++
|
|
3 years, 5 months
|
|
Access Token Manipulation: Parent PID Spoofing
|
C++
|
|
3 years, 5 months
|
|
PE Injection
|
C++
|
|
3 years, 5 months
|
|
Reflective DLL injection
|
C++
|
|
3 years, 5 months
|
|
APC injection
|
C++
|
|
3 years, 5 months
|
|
Shellcode Injection via CreateThreadpoolWait
|
C++
|
|
3 years, 5 months
|
|
IAT Hooking
|
C++
|
|
3 years, 5 months
|
|
API Obfuscation
|
C++
|
|
3 years, 5 months
|
|
Unloading Sysmon Driver
|
cmd
|
|
3 years, 5 months
|
|
Execution Guardrails: Environmental Keying
|
C++
|
|
3 years, 5 months
|
|
ProcEnvInjection - Remote code injection by abusing process environment strings
|
C++
|
|
3 years, 5 months
|
|
Process Herpaderping
|
C++
|
|
3 years, 7 months
|
|
Disabling Event Tracing for Windows (ETW)
|
C++
|
|
3 years, 7 months
|
|
Guard Pages
|
C++
|
|
4 years, 10 months
|
|
EditWordBreakProc
|
C++
|
|
5 years, 1 month
|
|
CLIPBRDWNDCLASS
|
C++
|
|
5 years, 1 month
|
|
Listplanting
|
C++
|
|
5 years, 2 months
|
|
Checking Installed Software
|
C++
|
|
5 years, 2 months
|
|
Wiping or Encrypting
|
C++
|
|
5 years, 2 months
|
|
CPUID
|
C++
|
|
5 years, 2 months
|
|
Time Bomb
|
C++
|
|
5 years, 2 months
|
|
Time Bomb
|
C++
|
|
5 years, 2 months
|
|
Injection using Shims
|
C++
|
|
5 years, 2 months
|
|
Detecting Running Process: EnumProcess API
|
C++
|
|
5 years, 2 months
|
|
VPCEXT
|
C++
|
|
5 years, 2 months
|
|
EventPairHandles
|
C++
|
|
5 years, 2 months
|
|
Querying the I/O Communication Port
|
C++
|
|
5 years, 3 months
|
|
Process Hollowing, RunPE
|
Python
|
|
5 years, 3 months
|