Dive deep into advanced cmd[.]exe obfuscation techniques in this Black Hat Asia 2018 Best Briefing presentation. Explore multi-faceted obfuscation opportunities, starting with carets, quotes, and stdin argument hiding. Extrapolate more complex methods, including FIN7's string removal/replacement concept and two novel obfuscation and full encoding techniques performed entirely in cmd[.]exe's memory. Learn three approaches for obfuscating binary names from static and dynamic analysis, and discover lesser-known cmd[.]exe replacement binaries. Gain valuable insights into S-level CMD obfuscation strategies to enhance your understanding of cybersecurity techniques and defenses.
Invoke-DOSfuscation - Techniques for CMD Obfuscation
Overview
Syllabus
Invoke-DOSfuscation: Techniques FOR %F IN (-style) DO (S-level CMD Obfuscation)
Taught by
Black Hat
Related Courses
-
Invoke-DOSfuscation - Techniques for CMD Obfuscation
-
Invoke-DOSfuscation - Techniques for S-level CMD Obfuscation
-
Techniques for Command Line Obfuscation
-
Invoke DOSfuscation Techniques - FOR F IN Style DO S Level CMD Obfuscation
-
Invoke Obfuscation - PowerShell Obfuscation Techniques and How to Try to Detect Them
-
Invoke Obfuscation - PowerShell Obfuscation Techniques and How To Try To Detect Them
