https://github.com/silverplate3/evasion-techniques-articles
Articles I wrote for Cynet about Evasion techniques. Link to the articles and the full source code can be found here
https://github.com/silverplate3/evasion-techniques-articles
Last synced: 9 days ago
JSON representation
Articles I wrote for Cynet about Evasion techniques. Link to the articles and the full source code can be found here
- Host: GitHub
- URL: https://github.com/silverplate3/evasion-techniques-articles
- Owner: SilverPlate3
- Created: 2022-07-31T19:25:41.000Z (almost 4 years ago)
- Default Branch: main
- Last Pushed: 2022-11-08T19:20:29.000Z (over 3 years ago)
- Last Synced: 2025-10-28T05:26:29.828Z (9 months ago)
- Language: C
- Size: 311 KB
- Stars: 3
- Watchers: 1
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Evasion techniques 2 - PEB edition
## Cynet Security
[](https://www.cynet.com/)
Written by: Ariel Silver
Article can be found at - https://www.cynet.com/attack-techniques-hands-on/defense-evasion-techniques-peb-edition/
# Intro
The article explains and shows the following
- What is the Process Environment Block
- Different ways adversaries can exploit it in order to evade user-mode tools and detections.
- Live attack scenarios that show when and how malwares should use it.
- WinAPI's and system structures (documented and undocumented) that must be used.
- Most important, how Cynet detects this bevavior.
# Code
- The full code and solutions for these techniqes can be found in the code folder.
- The code should be compiled in x64 Relsease mode.
- In order to understand the full code you MUST read the article, as it's very detailed and much more in-depth then the code comments.
Previous article - https://www.cynet.com/attack-techniques-hands-on/defense-evasion-techniques/