|
Go up
|
— |
— |
|
|
2011-05-04 - The Ultimate Anti-Debugging Reference.pdf
|
723 KiB |
|
|
|
2012-02-14 - Stack Necromancy - Defeating Debuggers By Raising the Dead.pdf
|
179 KiB |
|
|
|
2012-03-21 - Using UPX as a Security Packer.pdf
|
1.9 MiB |
|
|
|
2012-09-19 - Knockin on Heavens Gate - Dynamic Processor Mode Switching.pdf
|
476 KiB |
|
|
|
2012-11-01 - SizeOfStackReserve As Anti-Attaching Trick.pdf
|
538 KiB |
|
|
|
2019-05-26 - Creating a Hidden Prefetch File to Bypass Normal Forensic Analysis.pdf
|
589 KiB |
|
|
|
2019-10-25 - Bypassing Low Type Filter in NET Remoting.pdf
|
346 KiB |
|
|
|
2020-04-20 - Masquerading Windows Processes like a DoubleAgent.pdf
|
988 KiB |
|
|
|
2020-06-20 - Hiding Process Memory via Anti-Forensic Techniques.pdf
|
467 KiB |
|
|
|
2020-08-05 - Checkpoint Research - Anti-Debug - Assembly instructions.pdf
|
334 KiB |
|
|
|
2020-08-05 - Checkpoint Research - Anti-Debug - Debug Flags.pdf
|
743 KiB |
|
|
|
2020-08-05 - Checkpoint Research - Anti-Debug - Direct debugger interaction.pdf
|
425 KiB |
|
|
|
2020-08-05 - Checkpoint Research - Anti-Debug - Exceptions.pdf
|
207 KiB |
|
|
|
2020-08-05 - Checkpoint Research - Anti-Debug - Misc.pdf
|
349 KiB |
|
|
|
2020-08-05 - Checkpoint Research - Anti-Debug - Object Handles.pdf
|
309 KiB |
|
|
|
2020-08-05 - Checkpoint Research - Anti-Debug - Process Memory.pdf
|
660 KiB |
|
|
|
2020-08-05 - Checkpoint Research - Anti-Debug - Timing.pdf
|
266 KiB |
|
|
|
2020-09-16 - Defeating Macro Document Static Analysis with Pictures of My Cat.pdf
|
917 KiB |
|
|
|
2021-03-18 - Anti Debugging Protection Techniques with Examples.pdf
|
1.0 MiB |
|
|
|
2021-03-24 - Excel Macro Anti-Analysis Techniques.pdf
|
1.2 MiB |
|
|
|
2021-05-23 - Preventing memory inspection on Windows.pdf
|
164 KiB |
|
|
|
2021-08-05 - Evil Model - Hiding Malware.pdf
|
747 KiB |
|
|
|
2021-11-26 - Abusing Windows’ Implementation of Fork() for Stealthy Memory Operations.pdf
|
524 KiB |
|
|
|
2022-01-26 - Using SecureString to protect Malware.pdf
|
300 KiB |
|
|
|
2022-02-01 - System-wide anti-debug technique using NtQuerySystemInformation and DuplicateHandle.pdf
|
184 KiB |
|
|
|
2022-02-04 - AppLocker bypass by hash caching misuse.pdf
|
150 KiB |
|
|
|
2022-02-07 - Invisible Sandbox Evasion - Check Point Research.pdf
|
216 KiB |
|
|
|
2022-04-18 - A blueprint for evading industry leading endpoint protection in 2022.pdf
|
3.3 MiB |
|
|
|
2022-04-22 - Bypassing LSA Protection in Userland.pdf
|
656 KiB |
|
|
|
2022-04-23 - Bypassing PESieve and Moneta The easy way.pdf
|
1.7 MiB |
|
|
|
2022-05-24 - Gargoyle x64 - DeepSleep.zip
|
173 KiB |
|
|
|
2022-06-17 - Demonstrating Thread Stack Spoofing.zip
|
231 KiB |
|
|
|
2022-06-17 - Sleep Obfuscation - Ekko.zip
|
3.2 KiB |
|
|
|
2022-06-26 - Protecting the Heap - Encryption and Hooks.pdf
|
432 KiB |
|
|
|
2022-06-30 - CallStack Spoofer Demonstration.zip
|
16 KiB |
|
|
|
2022-06-30 - Spoofing Call Stacks To Confuse EDRs.pdf
|
2.2 MiB |
|
|
|
2022-07-05 - Vulpes - Obfuscating Memory Regions with Timers.pdf
|
353 KiB |
|
|
|
2022-08-01 - DeathSleep - Demonstrating sleep obfuscation.7z
|
651 KiB |
|
|
|
2022-11-22 - x64 return address spoofing.7z
|
139 KiB |
|
|
|
2022-11-23 - An End to KASLR Bypasses.pdf
|
329 KiB |
|
|
|
2022-12-04 - SilentMoonWalk - Demonstrating call stack spoofing.zip
|
284 KiB |
|
|
|
2022-12-16 - Polyshell - Bash, Batch, and Powershell Polyglot.zip
|
34 KiB |
|
|
|
2023-01-11 - SelfDebug - A useless anti-debug trick by forcing a process to debug itself.pdf
|
276 KiB |
|
|
|
2023-03-21 - EkkoEx Sleep obfuscation.txt
|
4.9 KiB |
|
|
|
2023-04-25 - Demonstrating stack encryption.zip
|
5.0 KiB |
|
|
|
2023-05-04 - Abusing Catalog Hygiene to Bypass Application Whitelisting.pdf
|
1023 KiB |
|
|
|
2023-07-25 - Advanced Module Stomping & Heap Stack Encryption.pdf
|
3.8 MiB |
|
|
|
2023-08-27 - Demonstrating Parent Process ID Spoofing.txt
|
15 KiB |
|
|
|
2023-09-10 - GIF Steganography from First Principles.pdf
|
1.6 MiB |
|
|
|
2023-09-15 - An Introduction into Stack Spoofing.pdf
|
781 KiB |
|
|
|
2023-10-06 - Reflective call stack detections and evasions.pdf
|
3.2 MiB |
|
|
|
2023-10-09 - Demonstrating Sleep Obfuscation - KrakenMask.7z
|
54 KiB |
|
|
|
2023-11-29 - Unwind - Callstack spoofing in Rust.7z
|
114 KiB |
|
|
|
2023-12-25 - An Introduction to Bypassing User Mode EDR Hooks.pdf
|
352 KiB |
|
|
|
2024-02-02 - Bypassing EDRs With EDR-Preloading.pdf
|
452 KiB |
|
|
|
2024-04-24 - ETW-ByeBye Disabling ETW-TI Without PPL.pdf
|
237 KiB |
|
|
|
2024-06-09 - Bypassing EDR NTDSdit protection using BlueTeam tools.pdf
|
628 KiB |
|
|
|
2024-08-09 - Blocking EDR Drivers with WDAC policies.7z
|
218 KiB |
|
|
|
2024-11-22 - How To Use MSSQL CLR Assembly To Bypass EDR.pdf
|
1.1 MiB |
|
|
|
2025-04-07 - Bypass WDAC WinDbg Preview.pdf
|
142 KiB |
|
|
|
2025-04-08 - Notes on bypassing mailbox audit logs.7z
|
489 KiB |
|
|
|
2025-08-06 - Making a self-deleting executable.zip
|
3.4 KiB |
|
|
|
2025-08-17 - Control Flow Obfuscation What happens if we modify callee-saved registers.pdf
|
979 KiB |
|
|