Techniques for Command Line Obfuscation

Hack In The Box Security Conference via YouTube

Overview

Explore advanced command-line obfuscation techniques used by skilled attackers to evade detection in this conference talk from the Hack In The Box Security Conference. Dive deep into cmd.exe's multi-faceted obfuscation capabilities, starting with basic methods like carets, quotes, and stdin argument hiding. Examine more complex techniques, including string removal/replacement and two novel obfuscation and full encoding methods performed entirely in memory. Learn about approaches for obfuscating binary names from static and dynamic analysis, and discover lesser-known cmd.exe replacement binaries. Gain insights into the Invoke-DOSfuscation framework, a new tool for obfuscating payloads using multi-layered techniques. Understand the detection implications and defensive strategies for combating this type of obfuscation, essential knowledge for both red teamers and defenders in the ongoing cat-and-mouse game of cybersecurity.

Syllabus

#HITB2018AMS D1T2 - Techniques FOR %F IN (-style) DO (S-level CMD Obfuscation) - Daniel Bohannon

Taught by

Hack In The Box Security Conference
