Invoke-DOSfuscation - Techniques for S-level CMD Obfuscation
Offered By: Hack in Paris via YouTube
Course Description
Overview
Explore advanced CMD obfuscation techniques in this 43-minute talk from Hack in Paris. Delve into the evolving landscape of attack vectors and obfuscation methods used by skilled attackers to evade detection. Learn about the shift in tradecraft towards languages offering less visibility to defenders, and examine real-world examples from APT and FIN threat actors. Discover cmd.exe's unexplored obfuscation capabilities, including string replacement, argument hiding, and novel encoding techniques. Gain insights into obfuscating binary names and lesser-known cmd.exe replacement binaries. Witness a live demonstration of the Invoke-DOSfuscation framework, which implements multi-layered obfuscation techniques for cmd.exe payloads. Conclude with a discussion on detection implications and approaches for this genre of obfuscation.
Syllabus
HIP18 - Talk 07 - Invoke-DOSfuscation: Techniques FOR %F IN (-style) DO (S-level CMD Obfuscation)
Taught by
Hack in Paris
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network