https://r0tbyt3.dev/tags/obfuscation-and-detection-evasion/Recent content in Obfuscation-and-Detection-Evasion on Jesus OsegueraHugoen-ushttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/amsi-bypass/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/amsi-bypass/AMSI Bypass AMSI Bypass - techniques for disabling or circumventing the Antimalware Scan Interface to prevent PowerShell and script content from being scanned. AMSI Bypass Byte Patching AMSI Evasion AMSI Evasion via Hardware Breakpoint Hooks AMSI Evasion via Patching Introduction to AMSI Patchless AMSI Bypass via Hardware Breakpoints Related Links: Anti-Analysis Automated Obfuscation Techniques Code Obfuscation Covering Tracks ETW Bypass NTDLL Unhooking and API Hookinghttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/amsi-bypass/amsi-bypass-byte-patching/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/amsi-bypass/amsi-bypass-byte-patching/AMSI Bypass Byte Patching AMSI Bypass Byte Patching - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AMSI Evasion AMSI Evasion via Hardware Breakpoint Hooks AMSI Evasion via Patching Introduction to AMSI Patchless AMSI Bypass via Hardware Breakpointshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/amsi-bypass/amsi-evasion/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/amsi-bypass/amsi-evasion/AMSI Evasion AMSI Evasion - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AMSI Bypass Byte Patching AMSI Evasion via Hardware Breakpoint Hooks AMSI Evasion via Patching Introduction to AMSI Patchless AMSI Bypass via Hardware Breakpointshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/amsi-bypass/amsi-evasion-via-hardware-breakpoint-hooks/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/amsi-bypass/amsi-evasion-via-hardware-breakpoint-hooks/AMSI Evasion via Hardware Breakpoint Hooks AMSI Evasion via Hardware Breakpoint Hooks - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AMSI Bypass Byte Patching AMSI Evasion AMSI Evasion via Patching Introduction to AMSI Patchless AMSI Bypass via Hardware Breakpointshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/amsi-bypass/amsi-evasion-via-patching/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/amsi-bypass/amsi-evasion-via-patching/AMSI Evasion via Patching AMSI Evasion via Patching - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AMSI Bypass Byte Patching AMSI Evasion AMSI Evasion via Hardware Breakpoint Hooks Introduction to AMSI Patchless AMSI Bypass via Hardware Breakpointshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/Anti-Analysis Anti-Analysis - techniques that detect and subvert debugging, virtual machine, and sandbox environments to prevent dynamic malware analysis. Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniques Related Links: AMSI Bypass Automated Obfuscation Techniques Code Obfuscation Covering Tracks ETW Bypass NTDLL Unhooking and API Hookinghttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-debugging-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-debugging-techniques/Anti-Debugging Techniques Anti-Debugging Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-debugging-via-ntglobalflag/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-debugging-via-ntglobalflag/Anti-Debugging via NtGlobalFlag Anti-Debugging via NtGlobalFlag - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-debugging-via-ntsystemdebugcontrol/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-debugging-via-ntsystemdebugcontrol/Anti-Debugging via NtSystemDebugControl Anti-Debugging via NtSystemDebugControl - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-debugging-via-processdebugflags/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-debugging-via-processdebugflags/Anti-Debugging via ProcessDebugFlags Anti-Debugging via ProcessDebugFlags - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-debugging-via-ptrace/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-debugging-via-ptrace/Anti-Debugging via Ptrace Anti-Debugging via Ptrace - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-debugging-via-tls-callbacks/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-debugging-via-tls-callbacks/Anti-Debugging via TLS Callbacks Anti-Debugging via TLS Callbacks - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-forensic-evasion-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-forensic-evasion-techniques/Anti-Forensic Evasion Techniques Anti-Forensic Evasion Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/anti-forensic-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/anti-forensic-techniques/Anti-Forensic Techniques Anti-Forensic Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Covering Tracks Techniques Data Destruction Techniques File Time Stomping Log Tampering Techniques Self-Deletion Techniques Shadow Copy Deletion Timestomping Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-malware-evasion-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-malware-evasion-techniques/Anti-Malware Evasion Techniques Anti-Malware Evasion Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-virtualization-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-virtualization-techniques/Anti-Virtualization Techniques Anti-Virtualization Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-virus-evasion-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/anti-virus-evasion-techniques/Anti-Virus Evasion Techniques Anti-Virus Evasion Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/ap-string-hashing-algorithm/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/ap-string-hashing-algorithm/AP String Hashing Algorithm AP String Hashing Algorithm - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/ap-string-hashing-algorithm-ascii/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/ap-string-hashing-algorithm-ascii/AP String Hashing Algorithm ASCII AP String Hashing Algorithm ASCII - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/ap-string-hashing-syscalls-hash-values-nt/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/ap-string-hashing-syscalls-hash-values-nt/AP String Hashing Syscalls Hash Values NT AP String Hashing Syscalls Hash Values NT - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/ap-syscalls-hash-values-zw/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/ap-syscalls-hash-values-zw/AP Syscalls Hash Values ZW AP Syscalls Hash Values ZW - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/ap-winapis-hash-values/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/ap-winapis-hash-values/AP WinAPIs Hash Values AP WinAPIs Hash Values - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/api-hooking-variants/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/api-hooking-variants/API Hooking Variants API Hooking Variants - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Hardware Hooks NTDLL Unhooking NTDLL Unhooking Variants Unhooking All DLLs Utilizing Hardware Breakpoints for Hooking 1 Utilizing Hardware Breakpoints for Hooking 2https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/automated-evasion-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/automated-evasion-techniques/Automated Evasion Techniques Automated Evasion Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/automated-obfuscation-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/automated-obfuscation-techniques/Automated Obfuscation Techniques Automated Obfuscation Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AMSI Bypass Anti-Analysis Code Obfuscation Covering Tracks ETW Bypass NTDLL Unhooking and API Hookinghttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/avoid-detection-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/avoid-detection-techniques/Avoid Detection Techniques Avoid Detection Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/bypass-eaf-export-address-filtering/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/bypass-eaf-export-address-filtering/Bypass EAF Export Address Filtering Bypass EAF Export Address Filtering - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/cfg-query/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/cfg-query/CFG Query CFG Query - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/check-debug-object-handle/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/check-debug-object-handle/Check Debug Object Handle Check Debug Object Handle - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/check-debug-object-handle-via-ntqueryinformationprocess/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/check-debug-object-handle-via-ntqueryinformationprocess/Check Debug Object Handle via NtQueryInformationProcess Check Debug Object Handle via NtQueryInformationProcess - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/check-hyper-v-status/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/check-hyper-v-status/Check Hyper-V Status Check Hyper-V Status - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/Code Obfuscation Code Obfuscation - techniques that transform malware code to disguise its true purpose and evade signature-based and heuristic detection. AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniques Related Links: AMSI Bypass Anti-Analysis Automated Obfuscation Techniques Covering Tracks ETW Bypass NTDLL Unhooking and API Hookinghttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/code-obfuscation/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/code-obfuscation/Code Obfuscation Code Obfuscation - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/compile-time-getmodulehandle/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/compile-time-getmodulehandle/Compile-Time GetModuleHandle Compile-Time GetModuleHandle - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/compile-time-getprocaddress/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/compile-time-getprocaddress/Compile-Time GetProcAddress Compile-Time GetProcAddress - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/Covering Tracks Covering Tracks - techniques to erase or tamper with forensic evidence including logs, timestamps, and file system artifacts after a compromise. Anti-Forensic Techniques Covering Tracks Techniques Data Destruction Techniques File Time Stomping Log Tampering Techniques Self-Deletion Techniques Shadow Copy Deletion Timestomping Techniques Related Links: AMSI Bypass Anti-Analysis Automated Obfuscation Techniques Code Obfuscation ETW Bypass NTDLL Unhooking and API Hookinghttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/covering-tracks-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/covering-tracks-techniques/Covering Tracks Techniques Covering Tracks Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Forensic Techniques Data Destruction Techniques File Time Stomping Log Tampering Techniques Self-Deletion Techniques Shadow Copy Deletion Timestomping Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/data-destruction-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/data-destruction-techniques/Data Destruction Techniques Data Destruction Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Forensic Techniques Covering Tracks Techniques File Time Stomping Log Tampering Techniques Self-Deletion Techniques Shadow Copy Deletion Timestomping Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/detect-virtualization-methods/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/detect-virtualization-methods/Detect Virtualization Methods Detect Virtualization Methods - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/detect-virtualization-via-hardware-specification/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/detect-virtualization-via-hardware-specification/Detect Virtualization via Hardware Specification Detect Virtualization via Hardware Specification - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/detect-virtualization-via-monitor-resolution/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/detect-virtualization-via-monitor-resolution/Detect Virtualization via Monitor Resolution Detect Virtualization via Monitor Resolution - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/detect-virtualization-via-user-interaction/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/detect-virtualization-via-user-interaction/Detect Virtualization via User Interaction Detect Virtualization via User Interaction - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/detect-virtualized-environments/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/detect-virtualized-environments/Detect Virtualized Environments Detect Virtualized Environments - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/ETW Bypass ETW Bypass - techniques for disabling or subverting Event Tracing for Windows to prevent telemetry collection by EDR and monitoring tools. ETW Bypass Byte Patching ETW Bypass Improved Patching ETW Discovering ETW Tools ETW Evasion ETW Evasion via NtTraceEvent Patching ETW Evasion via Patching ETW Evasion via Patching EtwpEventWrite ETW Evasion via Patching EtwpEventWrite v2 ETW Evasion via WinAPIs Patching ETW Provider Session Hijacking Introduction to ETW Patchless ETW Bypass via Hardware Breakpoints Related Links: AMSI Bypass Anti-Analysis Automated Obfuscation Techniques Code Obfuscation Covering Tracks NTDLL Unhooking and API Hookinghttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-bypass-byte-patching/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-bypass-byte-patching/ETW Bypass Byte Patching ETW Bypass Byte Patching - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: ETW Bypass Improved Patching ETW Discovering ETW Tools ETW Evasion ETW Evasion via NtTraceEvent Patching ETW Evasion via Patching ETW Evasion via Patching EtwpEventWrite ETW Evasion via Patching EtwpEventWrite v2 ETW Evasion via WinAPIs Patching ETW Provider Session Hijacking Introduction to ETW Patchless ETW Bypass via Hardware Breakpointshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-bypass-improved-patching/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-bypass-improved-patching/ETW Bypass Improved Patching ETW Bypass Improved Patching - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: ETW Bypass Byte Patching ETW Discovering ETW Tools ETW Evasion ETW Evasion via NtTraceEvent Patching ETW Evasion via Patching ETW Evasion via Patching EtwpEventWrite ETW Evasion via Patching EtwpEventWrite v2 ETW Evasion via WinAPIs Patching ETW Provider Session Hijacking Introduction to ETW Patchless ETW Bypass via Hardware Breakpointshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-discovering-etw-tools/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-discovering-etw-tools/ETW Discovering ETW Tools ETW Discovering ETW Tools - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: ETW Bypass Byte Patching ETW Bypass Improved Patching ETW Evasion ETW Evasion via NtTraceEvent Patching ETW Evasion via Patching ETW Evasion via Patching EtwpEventWrite ETW Evasion via Patching EtwpEventWrite v2 ETW Evasion via WinAPIs Patching ETW Provider Session Hijacking Introduction to ETW Patchless ETW Bypass via Hardware Breakpointshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-evasion/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-evasion/ETW Evasion ETW Evasion - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: ETW Bypass Byte Patching ETW Bypass Improved Patching ETW Discovering ETW Tools ETW Evasion via NtTraceEvent Patching ETW Evasion via Patching ETW Evasion via Patching EtwpEventWrite ETW Evasion via Patching EtwpEventWrite v2 ETW Evasion via WinAPIs Patching ETW Provider Session Hijacking Introduction to ETW Patchless ETW Bypass via Hardware Breakpointshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-evasion-via-nttraceevent-patching/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-evasion-via-nttraceevent-patching/ETW Evasion via NtTraceEvent Patching ETW Evasion via NtTraceEvent Patching - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: ETW Bypass Byte Patching ETW Bypass Improved Patching ETW Discovering ETW Tools ETW Evasion ETW Evasion via Patching ETW Evasion via Patching EtwpEventWrite ETW Evasion via Patching EtwpEventWrite v2 ETW Evasion via WinAPIs Patching ETW Provider Session Hijacking Introduction to ETW Patchless ETW Bypass via Hardware Breakpointshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-evasion-via-patching/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-evasion-via-patching/ETW Evasion via Patching ETW Evasion via Patching - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: ETW Bypass Byte Patching ETW Bypass Improved Patching ETW Discovering ETW Tools ETW Evasion ETW Evasion via NtTraceEvent Patching ETW Evasion via Patching EtwpEventWrite ETW Evasion via Patching EtwpEventWrite v2 ETW Evasion via WinAPIs Patching ETW Provider Session Hijacking Introduction to ETW Patchless ETW Bypass via Hardware Breakpointshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-evasion-via-patching-etwpeventwrite/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-evasion-via-patching-etwpeventwrite/ETW Evasion via Patching EtwpEventWrite ETW Evasion via Patching EtwpEventWrite - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: ETW Bypass Byte Patching ETW Bypass Improved Patching ETW Discovering ETW Tools ETW Evasion ETW Evasion via NtTraceEvent Patching ETW Evasion via Patching ETW Evasion via Patching EtwpEventWrite v2 ETW Evasion via WinAPIs Patching ETW Provider Session Hijacking Introduction to ETW Patchless ETW Bypass via Hardware Breakpointshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-evasion-via-patching-etwpeventwrite-v2/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-evasion-via-patching-etwpeventwrite-v2/ETW Evasion via Patching EtwpEventWrite v2 ETW Evasion via Patching EtwpEventWrite v2 - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: ETW Bypass Byte Patching ETW Bypass Improved Patching ETW Discovering ETW Tools ETW Evasion ETW Evasion via NtTraceEvent Patching ETW Evasion via Patching ETW Evasion via Patching EtwpEventWrite ETW Evasion via WinAPIs Patching ETW Provider Session Hijacking Introduction to ETW Patchless ETW Bypass via Hardware Breakpointshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-evasion-via-winapis-patching/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-evasion-via-winapis-patching/ETW Evasion via WinAPIs Patching ETW Evasion via WinAPIs Patching - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: ETW Bypass Byte Patching ETW Bypass Improved Patching ETW Discovering ETW Tools ETW Evasion ETW Evasion via NtTraceEvent Patching ETW Evasion via Patching ETW Evasion via Patching EtwpEventWrite ETW Evasion via Patching EtwpEventWrite v2 ETW Provider Session Hijacking Introduction to ETW Patchless ETW Bypass via Hardware Breakpointshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-provider-session-hijacking/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/etw-provider-session-hijacking/ETW Provider Session Hijacking ETW Provider Session Hijacking - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: ETW Bypass Byte Patching ETW Bypass Improved Patching ETW Discovering ETW Tools ETW Evasion ETW Evasion via NtTraceEvent Patching ETW Evasion via Patching ETW Evasion via Patching EtwpEventWrite ETW Evasion via Patching EtwpEventWrite v2 ETW Evasion via WinAPIs Patching Introduction to ETW Patchless ETW Bypass via Hardware Breakpointshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/evasion-with-file-bloating/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/evasion-with-file-bloating/Evasion with File Bloating Evasion with File Bloating - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/file-entropy-reduction-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/file-entropy-reduction-techniques/File Entropy Reduction Techniques File Entropy Reduction Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/file-time-stomping/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/file-time-stomping/File Time Stomping File Time Stomping - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Forensic Techniques Covering Tracks Techniques Data Destruction Techniques Log Tampering Techniques Self-Deletion Techniques Shadow Copy Deletion Timestomping Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/fnv1a-string-hashing-algorithm/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/fnv1a-string-hashing-algorithm/FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/fnv1a-string-hashing-algorithm-ascii/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/fnv1a-string-hashing-algorithm-ascii/FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Algorithm ASCII - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/fnv1a-string-hashing-syscalls-hash-values/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/fnv1a-string-hashing-syscalls-hash-values/FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/fnv1a-string-hashing-syscalls-hash-values-nt/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/fnv1a-string-hashing-syscalls-hash-values-nt/FNV1A String Hashing Syscalls Hash Values NT FNV1A String Hashing Syscalls Hash Values NT - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/fnv1a-syscalls-hash-values-zw/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/fnv1a-syscalls-hash-values-zw/FNV1A Syscalls Hash Values ZW FNV1A Syscalls Hash Values ZW - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/fnv1a-winapis-hash-values/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/fnv1a-winapis-hash-values/FNV1A WinAPIs Hash Values FNV1A WinAPIs Hash Values - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/function-replacements/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/function-replacements/Function Replacements Function Replacements - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/function-replacements-eg-malloc-strcpy-zeromemory/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/function-replacements-eg-malloc-strcpy-zeromemory/Function Replacements eg Malloc Strcpy ZeroMemory Function Replacements eg Malloc Strcpy ZeroMemory - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/goto-functionality/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/goto-functionality/GoTo Functionality GoTo Functionality - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/hardware-hooks/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/hardware-hooks/Hardware Hooks Hardware Hooks - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: API Hooking Variants NTDLL Unhooking NTDLL Unhooking Variants Unhooking All DLLs Utilizing Hardware Breakpoints for Hooking 1 Utilizing Hardware Breakpoints for Hooking 2https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/iat-camouflage/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/iat-camouflage/IAT Camouflage IAT Camouflage - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/iat-obfuscation-variants/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/iat-obfuscation-variants/IAT Obfuscation Variants IAT Obfuscation Variants - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/ids-evasion-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/ids-evasion-techniques/IDS Evasion Techniques IDS Evasion Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/amsi-bypass/introduction-to-amsi/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/amsi-bypass/introduction-to-amsi/Introduction to AMSI Introduction to AMSI - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AMSI Bypass Byte Patching AMSI Evasion AMSI Evasion via Hardware Breakpoint Hooks AMSI Evasion via Patching Patchless AMSI Bypass via Hardware Breakpointshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/introduction-to-etw/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/introduction-to-etw/Introduction to ETW Introduction to ETW - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: ETW Bypass Byte Patching ETW Bypass Improved Patching ETW Discovering ETW Tools ETW Evasion ETW Evasion via NtTraceEvent Patching ETW Evasion via Patching ETW Evasion via Patching EtwpEventWrite ETW Evasion via Patching EtwpEventWrite v2 ETW Evasion via WinAPIs Patching ETW Provider Session Hijacking Patchless ETW Bypass via Hardware Breakpointshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/ip-address-whitelisting/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/ip-address-whitelisting/IP Address Whitelisting IP Address Whitelisting - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/js-string-hashing-algorithm/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/js-string-hashing-algorithm/JS String Hashing Algorithm JS String Hashing Algorithm - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/js-string-hashing-algorithm-ascii/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/js-string-hashing-algorithm-ascii/JS String Hashing Algorithm ASCII JS String Hashing Algorithm ASCII - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/js-string-hashing-syscalls-hash-values-nt/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/js-string-hashing-syscalls-hash-values-nt/JS String Hashing Syscalls Hash Values NT JS String Hashing Syscalls Hash Values NT - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/js-syscalls-hash-values-zw/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/js-syscalls-hash-values-zw/JS Syscalls Hash Values ZW JS Syscalls Hash Values ZW - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/js-winapis-hash-values/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/js-winapis-hash-values/JS WinAPIs Hash Values JS WinAPIs Hash Values - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/log-tampering-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/log-tampering-techniques/Log Tampering Techniques Log Tampering Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Forensic Techniques Covering Tracks Techniques Data Destruction Techniques File Time Stomping Self-Deletion Techniques Shadow Copy Deletion Timestomping Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/malware-binary-signing-obfuscation/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/malware-binary-signing-obfuscation/Malware Binary Signing Obfuscation Malware Binary Signing Obfuscation - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/mmgetsystemroutineaddress-replacement-string-hashing-kernel/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/mmgetsystemroutineaddress-replacement-string-hashing-kernel/Mmgetsystemroutineaddress Replacement String Hashing Kernel Mmgetsystemroutineaddress Replacement String Hashing Kernel - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/multiple-anti-debugging-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/multiple-anti-debugging-techniques/Multiple Anti-Debugging Techniques Multiple Anti-Debugging Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/multiple-function-replacements/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/multiple-function-replacements/Multiple Function Replacements Multiple Function Replacements - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/multiple-getmodulehandle-replacement-functions/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/multiple-getmodulehandle-replacement-functions/Multiple GetModuleHandle Replacement Functions Multiple GetModuleHandle Replacement Functions - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/murmurhash3-string-hashing-algorithm/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/murmurhash3-string-hashing-algorithm/MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/murmurhash3-string-hashing-algorithm-ascii/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/murmurhash3-string-hashing-algorithm-ascii/MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Algorithm ASCII - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/murmurhash3-string-hashing-syscalls-hash-values-nt/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/murmurhash3-string-hashing-syscalls-hash-values-nt/MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 String Hashing Syscalls Hash Values NT - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/murmurhash3-syscalls-hash-values-zw/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/murmurhash3-syscalls-hash-values-zw/MurmurHash3 Syscalls Hash Values ZW MurmurHash3 Syscalls Hash Values ZW - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/murmurhash3-winapis-hash-values/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/murmurhash3-winapis-hash-values/MurmurHash3 WinAPIs Hash Values MurmurHash3 WinAPIs Hash Values - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/network-evasion-techniques-overview/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/network-evasion-techniques-overview/Network Evasion Techniques Overview Network Evasion Techniques Overview - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/ntdll-unhooking/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/ntdll-unhooking/NTDLL Unhooking NTDLL Unhooking - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: API Hooking Variants Hardware Hooks NTDLL Unhooking Variants Unhooking All DLLs Utilizing Hardware Breakpoints for Hooking 1 Utilizing Hardware Breakpoints for Hooking 2https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/NTDLL Unhooking and API Hooking NTDLL Unhooking and API Hooking - techniques to restore hooked NTDLL functions or intercept API calls to bypass EDR user-mode hooks. API Hooking Variants Hardware Hooks NTDLL Unhooking NTDLL Unhooking Variants Unhooking All DLLs Utilizing Hardware Breakpoints for Hooking 1 Utilizing Hardware Breakpoints for Hooking 2 Related Links: AMSI Bypass Anti-Analysis Automated Obfuscation Techniques Code Obfuscation Covering Tracks ETW Bypasshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/ntdll-unhooking-variants/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/ntdll-unhooking-variants/NTDLL Unhooking Variants NTDLL Unhooking Variants - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: API Hooking Variants Hardware Hooks NTDLL Unhooking Unhooking All DLLs Utilizing Hardware Breakpoints for Hooking 1 Utilizing Hardware Breakpoints for Hooking 2https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/Obfuscation and Detection Evasion Obfuscation and Detection Evasion - techniques used to conceal malicious code and behavior from security tools, analysts, and automated detection systems. AMSI Bypass Anti-Analysis Automated Obfuscation Techniques Code Obfuscation Covering Tracks ETW Bypass NTDLL Unhooking and API Hooking Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wiresharkhttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/obfuscation-ipv4fuscation-ipv6fuscation-uuidfuscation-macfuscation/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/obfuscation-ipv4fuscation-ipv6fuscation-uuidfuscation-macfuscation/Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/amsi-bypass/patchless-amsi-bypass-via-hardware-breakpoints/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/amsi-bypass/patchless-amsi-bypass-via-hardware-breakpoints/Patchless AMSI Bypass via Hardware Breakpoints Patchless AMSI Bypass via Hardware Breakpoints - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AMSI Bypass Byte Patching AMSI Evasion AMSI Evasion via Hardware Breakpoint Hooks AMSI Evasion via Patching Introduction to AMSIhttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/patchless-etw-bypass-via-hardware-breakpoints/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/patchless-etw-bypass-via-hardware-breakpoints/Patchless ETW Bypass via Hardware Breakpoints Patchless ETW Bypass via Hardware Breakpoints - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: ETW Bypass Byte Patching ETW Bypass Improved Patching ETW Discovering ETW Tools ETW Evasion ETW Evasion via NtTraceEvent Patching ETW Evasion via Patching ETW Evasion via Patching EtwpEventWrite ETW Evasion via Patching EtwpEventWrite v2 ETW Evasion via WinAPIs Patching ETW Provider Session Hijacking Introduction to ETWhttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/payload-obfuscation/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/payload-obfuscation/Payload Obfuscation Payload Obfuscation - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/pjw-string-hashing-algorithm/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/pjw-string-hashing-algorithm/PJW String Hashing Algorithm PJW String Hashing Algorithm - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/pjw-string-hashing-algorithm-ascii/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/pjw-string-hashing-algorithm-ascii/PJW String Hashing Algorithm ASCII PJW String Hashing Algorithm ASCII - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/pjw-string-hashing-syscalls-hash-values-nt/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/pjw-string-hashing-syscalls-hash-values-nt/PJW String Hashing Syscalls Hash Values NT PJW String Hashing Syscalls Hash Values NT - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/pjw-syscalls-hash-values-zw/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/pjw-syscalls-hash-values-zw/PJW Syscalls Hash Values ZW PJW Syscalls Hash Values ZW - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/pjw-winapis-hash-values/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/pjw-winapis-hash-values/PJW WinAPIs Hash Values PJW WinAPIs Hash Values - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/sandbox-evasion-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/sandbox-evasion-techniques/Sandbox Evasion Techniques Sandbox Evasion Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview TLS Callbacks for Anti-Debugging User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/sdbm-string-hashing-algorithm/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/sdbm-string-hashing-algorithm/SDBM String Hashing Algorithm SDBM String Hashing Algorithm - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/sdbm-string-hashing-algorithm-ascii/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/sdbm-string-hashing-algorithm-ascii/SDBM String Hashing Algorithm ASCII SDBM String Hashing Algorithm ASCII - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/sdbm-string-hashing-syscalls-hash-values-nt/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/sdbm-string-hashing-syscalls-hash-values-nt/SDBM String Hashing Syscalls Hash Values NT SDBM String Hashing Syscalls Hash Values NT - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/sdbm-syscalls-hash-values-zw/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/sdbm-syscalls-hash-values-zw/SDBM Syscalls Hash Values ZW SDBM Syscalls Hash Values ZW - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/sdbm-winapis-hash-values/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/sdbm-winapis-hash-values/SDBM WinAPIs Hash Values SDBM WinAPIs Hash Values - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW Self Deletion String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/self-deletion/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/self-deletion/Self Deletion Self Deletion - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values String Hashing String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/self-deletion-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/self-deletion-techniques/Self-Deletion Techniques Self-Deletion Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Forensic Techniques Covering Tracks Techniques Data Destruction Techniques File Time Stomping Log Tampering Techniques Shadow Copy Deletion Timestomping Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/shadow-copy-deletion/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/shadow-copy-deletion/Shadow Copy Deletion Shadow Copy Deletion - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Forensic Techniques Covering Tracks Techniques Data Destruction Techniques File Time Stomping Log Tampering Techniques Self-Deletion Techniques Timestomping Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/string-hashing/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/string-hashing/String Hashing String Hashing - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing Obfuscation Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/string-hashing-obfuscation-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/string-hashing-obfuscation-techniques/String Hashing Obfuscation Techniques String Hashing Obfuscation Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashinghttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/timestomping-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/timestomping-techniques/Timestomping Techniques Timestomping Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Forensic Techniques Covering Tracks Techniques Data Destruction Techniques File Time Stomping Log Tampering Techniques Self-Deletion Techniques Shadow Copy Deletionhttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/tls-callbacks-for-anti-debugging/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/tls-callbacks-for-anti-debugging/TLS Callbacks for Anti-Debugging TLS Callbacks for Anti-Debugging - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques User Interaction Evasion Techniqueshttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/unhooking-all-dlls/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/unhooking-all-dlls/Unhooking All DLLs Unhooking All DLLs - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: API Hooking Variants Hardware Hooks NTDLL Unhooking NTDLL Unhooking Variants Utilizing Hardware Breakpoints for Hooking 1 Utilizing Hardware Breakpoints for Hooking 2https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/user-interaction-evasion-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/user-interaction-evasion-techniques/User Interaction Evasion Techniques User Interaction Evasion Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugginghttps://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/utilizing-hardware-breakpoints-for-hooking-1/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/utilizing-hardware-breakpoints-for-hooking-1/Utilizing Hardware Breakpoints for Hooking 1 Utilizing Hardware Breakpoints for Hooking 1 - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: API Hooking Variants Hardware Hooks NTDLL Unhooking NTDLL Unhooking Variants Unhooking All DLLs Utilizing Hardware Breakpoints for Hooking 2https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/utilizing-hardware-breakpoints-for-hooking-2/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/utilizing-hardware-breakpoints-for-hooking-2/Utilizing Hardware Breakpoints for Hooking 2 Utilizing Hardware Breakpoints for Hooking 2 - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: API Hooking Variants Hardware Hooks NTDLL Unhooking NTDLL Unhooking Variants Unhooking All DLLs Utilizing Hardware Breakpoints for Hooking 1