Defensive tools like AVs and EDRs rely on command-line arguments for detecting malicious activity. This post demonstrates how command-line obfuscation, a shell-independent technique that exploits executables’ parsing “flaws”, can bypass such detections. It also introduces ArgFuscator, a new tool that documents obfuscation opportunities and generates obfuscated command lines. | www.wietzebeukema.nl
By adding two parameters to any Google Search URL, you can replace search results with a Knowledge Graph card of your choice. A malicious user can use this to generate false information or ‘fake news’. | www.wietzebeukema.nl