killchain-compendium/antivirus_evasion.md

# Antivirus Evasion

* Existing types
    * On-Disk evasion
    * In-Memory evasion

* Detection Methods
    * Static Detection -- Hash or String/Byte Matching
    * Dynamic / Heuristic / Behaviourial Detection -- predefined rules, run inside a sandbox


## Links
* [cmnatic](https://cmnatic.co.uk/)
* [cmnatic's diss](https://resources.cmnatic.co.uk/Presentations/Dissertation/)
second commit 2021-08-23 01:13:54 +02:00			`# Antivirus Evasion`

			`* Existing types`
			`* On-Disk evasion`
			`* In-Memory evasion`

			`* Detection Methods`
			`* Static Detection -- Hash or String/Byte Matching`
			`* Dynamic / Heuristic / Behaviourial Detection -- predefined rules, run inside a sandbox`


			`## Links`
			`* [cmnatic](https://cmnatic.co.uk/)`
			`* [cmnatic's diss](https://resources.cmnatic.co.uk/Presentations/Dissertation/)`