Windows Command-Line Obfuscation
Descrição
Many Windows applications have multiple ways in which the same command line can be expressed, usually for compatibility or ease-of-use reasons. As a result, command-line arguments are implemented inconsistently making detecting specific commands harder due to the number of variations. This post shows how more than 40 often-used, built-in Windows applications are vulnerable to forms of command-line obfuscation, and presents a tool for analysing other executables.
Windows Command-Line Obfuscation
![Windows Command-Line Obfuscation](https://miro.medium.com/v2/resize:fit:624/1*Uzcv5nUL13Ih79l5sqBrhQ.png)
Invoke-Obfuscation — Hiding Payloads To Avoid Detection
![Windows Command-Line Obfuscation](https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LNUPDVYAH_3gMRgypxx%2F-LNUWT0eIK8eFqY_tR4C%2Fcarets.png?alt=media&token=32962232-f880-4bc4-a792-d26773d9be69)
Commandline Obfusaction - Red Team Notes
![Windows Command-Line Obfuscation](https://www.gdatasoftware.com/fileadmin/web/general/images/blog/2018/07_2018/G_DATA_Blog_Dosfuscation_Preview.jpg)
Dosfuscation in the wild
![Windows Command-Line Obfuscation](https://miro.medium.com/v2/resize:fit:1248/1*X5m92fxkipG8Iv7-jOI3uw.png)
Invoke-Obfuscation — Hiding Payloads To Avoid Detection
![Windows Command-Line Obfuscation](https://user-images.githubusercontent.com/23490060/120902266-3c2cc500-c637-11eb-91e3-71e3a6ece512.png)
hacking-material-books/obfuscation/simple_obfuscation.md at master
![Windows Command-Line Obfuscation](https://www.mandiant.com/sites/default/files/inline-images/obfuscated-command-line8.png)
Obfuscated Command Line Detection Using Machine Learning
The Invoke-Obfuscation Usage Guide :: Part 2 — Daniel Bohannon
![Windows Command-Line Obfuscation](https://image.slidesharecdn.com/cb16bohannonen-161109042710/85/cb16-invokeobfuscation-powershell-obfusk8tion-techniques-how-to-try-to-detect-them-by-daniel-bohannon-4-320.jpg?cb=1667631317)
CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How
![Windows Command-Line Obfuscation](https://pentestlaboratories.files.wordpress.com/2021/05/amsi-powershell-bypass-amsiinitfailed-1.png)
AMSI Bypass Methods Pentest Laboratories
![Windows Command-Line Obfuscation](https://www.mandiant.com/sites/default/files/inline-images/obfuscated-command-line2.png)
Obfuscated Command Line Detection Using Machine Learning
![Windows Command-Line Obfuscation](https://pbs.twimg.com/media/FRff8eTXsAAJ-WD.png)
Florian Roth on X: Sigma rule to detect suspicious Unicode
Codecepticon - .NET Application That Allows You To Obfuscate C#
![Windows Command-Line Obfuscation](https://res.cloudinary.com/practicaldev/image/fetch/s--r4OYejI3--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://www.pelock.com/img/en/products/autoit-obfuscator/autoit-obfuscator-1-2-main.png)
Obfuscate AutoIt scripts from Python code - DEV Community
de
por adulto (o preço varia de acordo com o tamanho do grupo)