Red Teaming and Malware Analysis
@sirpedrotavaresseguranca-informatica.pt0xSI_f33d
Search…
About
Red Teaming
Cheat Sheet
Active Directory 101
Fuzzing and Web
Initial Foothold
Privilege Escalation (Privesc)
AV/EDR Bypass
Bypass AV/EDR using Safe Mode
Resources
UAC bypass
Process migration like meterpreter
Lateral Movement (Pivoting)
Persistence
Command and Control (C&C)
Data Exfiltration
CVE & Exploits / CTF
Tools
Resources
Malware Analysis
Unpacking
Basic tips
Malware instrumentation with frida
Tools
Resources
Mobile
Tools
Reverse iOS ipa
Reverse Android APKs
Basic tips
Resources
IoT / Reverse / Firmware
Basic tips
Reverse IoT devices
Tools
Resources
Powered By GitBook
Resources

List with hooked calls AV

Symantec.txt
NtCreateFile is hooked
NtCreateKey is hooked
NtCreateUserProcess is hooked
NtDeleteFile is hooked
NtDeleteKey is hooked
NtDeleteValueKey is hooked
NtMapViewOfSection is hooked
NtOpenFile is hooked
NtOpenKey is hooked
NtOpenKeyEx is hooked
NtRenameKey is hooked
NtSetInformationFile is hooked
NtSetValueKey is hooked
NtTerminateProcess is hooked
NtTerminateThread is hooked
ZwCreateFile is hooked
ZwCreateKey is hooked
ZwCreateUserProcess is hooked
ZwDeleteFile is hooked
ZwDeleteKey is hooked
ZwDeleteValueKey is hooked
ZwMapViewOfSection is hooked
ZwOpenFile is hooked
ZwOpenKey is hooked
ZwOpenKeyEx is hooked
ZwRenameKey is hooked
ZwSetInformationFile is hooked
ZwSetValueKey is hooked
ZwTerminateProcess is hooked
ZwTerminateThread is hooke
GitHub - Mr-Un1k0d3r/EDRs
GitHub
GitHub - ethereal-vx/Antivirus-Artifacts: Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.
GitHub
Previous
Bypass AV/EDR using Safe Mode
Next
UAC bypass
Last modified 1yr ago
Copy link