Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Invoke-DOSfuscation - Techniques for CMD Obfuscation

NorthSec via YouTube

Overview

Explore advanced command-line obfuscation techniques in this 55-minute conference talk from NorthSec. Dive deep into cmd.exe's multi-faceted obfuscation capabilities, starting with basic methods like carets, quotes, and stdin argument hiding. Progress to more complex techniques, including string removal/replacement and novel full encoding methods performed entirely in memory. Learn about obfuscating binary names from static and dynamic analysis, and discover lesser-known cmd.exe replacement binaries. Witness a live demonstration of the Invoke-DOSfuscation framework, which implements these multi-layered obfuscation techniques. Gain insights into the detection implications and defensive approaches for combating this evolving form of obfuscation used by advanced threat actors.

Syllabus

Daniel Bohannon - Invoke-DOSfuscation: Techniques FOR %F IN (-style) DO (S-level CMD Obfuscation)

Taught by

NorthSec

Reviews

Start your review of Invoke-DOSfuscation - Techniques for CMD Obfuscation

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.