Defense Evasion - Windows

  1. T1562: Impair Defenses

  2. T1140: Deobfuscate/Decode Files or Information

  3. T1027: Obfuscated Files or Information

  4. T1497: Virtualization/Sandbox Evasion

  5. T1070: Indicator Removal on Host

  6. T1036: Masquerading

  7. T1218: Signed Binary Proxy Execution

  8. T1574: Hijack Execution Flow

  9. T1553: Subvert Trust Controls

  10. T1480: Execution Guardrails

  11. T1499: Endpoint Denial of Service

PreviousPrivilege Escalation - WindowsNextCredential Access - Windows

Last updated