2011-05-04 - The Ultimate Anti-Debugging Reference.pdf
2012-02-14 - Stack Necromancy - Defeating Debuggers By Raising the Dead.pdf
2012-03-21 - Using UPX as a Security Packer.pdf
2012-09-19 - Knockin on Heavens Gate - Dynamic Processor Mode Switching.pdf
2012-11-01 - SizeOfStackReserve As Anti-Attaching Trick.pdf
2019-05-26 - Creating a Hidden Prefetch File to Bypass Normal Forensic Analysis.pdf
2019-10-25 - Bypassing Low Type Filter in NET Remoting.pdf
2020-04-20 - Masquerading Windows Processes like a DoubleAgent.pdf
2020-06-20 - Hiding Process Memory via Anti-Forensic Techniques.pdf
2020-08-05 - Checkpoint Research - Anti-Debug - Assembly instructions.pdf
2020-08-05 - Checkpoint Research - Anti-Debug - Debug Flags.pdf
2020-08-05 - Checkpoint Research - Anti-Debug - Direct debugger interaction.pdf
2020-08-05 - Checkpoint Research - Anti-Debug - Exceptions.pdf
2020-08-05 - Checkpoint Research - Anti-Debug - Misc.pdf
2020-08-05 - Checkpoint Research - Anti-Debug - Object Handles.pdf
2020-08-05 - Checkpoint Research - Anti-Debug - Process Memory.pdf
2020-08-05 - Checkpoint Research - Anti-Debug - Timing.pdf
2020-09-16 - Defeating Macro Document Static Analysis with Pictures of My Cat.pdf
2021-03-18 - Anti Debugging Protection Techniques with Examples.pdf
2021-03-24 - Excel Macro Anti-Analysis Techniques.pdf
2021-05-23 - Preventing memory inspection on Windows.pdf
2021-08-05 - Evil Model - Hiding Malware.pdf
2021-11-26 - Abusing Windows’ Implementation of Fork() for Stealthy Memory Operations.pdf
2022-01-26 - Using SecureString to protect Malware.pdf
2022-02-01 - System-wide anti-debug technique using NtQuerySystemInformation and DuplicateHandle.pdf
2022-02-04 - AppLocker bypass by hash caching misuse.pdf
2022-02-07 - Invisible Sandbox Evasion - Check Point Research.pdf
2022-04-18 - A blueprint for evading industry leading endpoint protection in 2022.pdf
2022-04-22 - Bypassing LSA Protection in Userland.pdf
2022-04-23 - Bypassing PESieve and Moneta The easy way.pdf
2022-05-24 - Gargoyle x64 - DeepSleep.zip
2022-06-17 - Demonstrating Thread Stack Spoofing.zip
2022-06-17 - Sleep Obfuscation - Ekko.zip
2022-06-26 - Protecting the Heap - Encryption and Hooks.pdf
2022-06-30 - CallStack Spoofer Demonstration.zip
2022-06-30 - Spoofing Call Stacks To Confuse EDRs.pdf
2022-07-05 - Vulpes - Obfuscating Memory Regions with Timers.pdf
2022-08-01 - DeathSleep - Demonstrating sleep obfuscation.7z
2022-11-22 - x64 return address spoofing.7z
2022-11-23 - An End to KASLR Bypasses.pdf
2022-12-04 - SilentMoonWalk - Demonstrating call stack spoofing.zip
2022-12-16 - Polyshell - Bash, Batch, and Powershell Polyglot.zip
2023-01-11 - SelfDebug - A useless anti-debug trick by forcing a process to debug itself.pdf
2023-03-21 - EkkoEx Sleep obfuscation.txt
2023-04-25 - Demonstrating stack encryption.zip
2023-05-04 - Abusing Catalog Hygiene to Bypass Application Whitelisting.pdf
2023-07-25 - Advanced Module Stomping & Heap Stack Encryption.pdf
2023-08-27 - Demonstrating Parent Process ID Spoofing.txt
2023-09-10 - GIF Steganography from First Principles.pdf
2023-09-15 - An Introduction into Stack Spoofing.pdf
2023-10-06 - Reflective call stack detections and evasions.pdf
2023-10-09 - Demonstrating Sleep Obfuscation - KrakenMask.7z
2023-11-29 - Unwind - Callstack spoofing in Rust.7z
2023-12-25 - An Introduction to Bypassing User Mode EDR Hooks.pdf
2024-02-02 - Bypassing EDRs With EDR-Preloading.pdf
2024-06-09 - Bypassing EDR NTDSdit protection using BlueTeam tools.pdf
2024-08-09 - Blocking EDR Drivers with WDAC policies.7z
2024-11-22 - How To Use MSSQL CLR Assembly To Bypass EDR.pdf