nganhkhoa/mether049-malware
1
0
Fork 0
mirror of https://github.com/nganhkhoa/malware.git synced 2024-06-10 21:32:07 +07:00
Code Issues Projects Releases Wiki Activity

Update malware-tech_ref_and_memo.md

Browse Source
This commit is contained in:
mether049 2020-01-24 00:01:35 +09:00 committed by GitHub
parent aa17c9ce87
commit 114aefa14d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
malware-tech_ref_and_memo.md
View File

@ -97,6 +97,8 @@ to do...
## PowerShell Script obfuscation ## PowerShell Script obfuscation
- 難読化ツール<br> - 難読化ツール<br>
[Invoke-Obfuscation](https://github.com/danielbohannon/Invoke-Obfuscation) [Invoke-Obfuscation](https://github.com/danielbohannon/Invoke-Obfuscation)
- Powershellとセキュリティについての学習コンテンツ
[dversary Tactics: PowerShell](https://github.com/specterops/at-ps)
- Powershell Script内で用いられる難読化技術について - Powershell Script内で用いられる難読化技術について
### Case-insensitive ### Case-insensitive
- コマンドレット名や変数名に大文字,小文字を混ぜる - コマンドレット名や変数名に大文字,小文字を混ぜる
@ -211,7 +213,7 @@ New-Object System.IO.Compression.DeflateStream([iO.mEmoRySTream] [sysTEM.ConVert
<#bobalice#> <#bobalice#>
``` ```
**ref:**<br> **ref:**<br>
[Powershell Static Analysis & Emotet results](https://hatching.io/blog/powershell-analysis) [Powershell Static Analysis & Emotet results](https://hatching.io/blog/powershell-analysis)<br>
# Anti-detection # Anti-detection
## Living Off The Land(LOL) ## Living Off The Land(LOL)