https://detection.fyi/tags/attack.defense-evasion/
attack.defense-evasion | Detection.FYI
https://detection.fyi/sigmahq/sigma/unsupported/windows/sysmon_process_reimaging/
Defense evasion via process reimaging | Detection.FYI
Detects process reimaging defense evasion technique
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_binary/
Potential Defense Evasion Via Binary Rename | Detection.FYI
Detects the execution of a renamed binary, often used by attackers or malware, leveraging the new Sysmon OriginalFileName datapoint.
https://app-attack-matrix.com/techniques/Deepening%20Control/Exploitation%20for%20Defense%20Evasion/Exploitation%20for%20Defense%20Evasion/
Exploitation for Defense Evasion - Application Security Tactics & Techniques Matrix