Stephen Patrick Simone Mahaney
The MITRE ATT&CK - Defense Evasion Learning Path advances skills in detecting and countering techniques attackers use to bypass security measures. It combines evasion theory with hands-on exercises in obfuscation, artifact manipulation, anti-forensics, and sandbox evasion.
Learners will tackle topics such as code injection, file masking, impairing antivirus tools, and exploiting trusted system utilities, gaining both theoretical insights and practical skills to fortify defenses against stealthy attacks.
Skills / Knowledge
- T1574 - Hijack Execution Flow
- T1027 - Obfuscated Files or Information
- T1564 - Hide Artifacts
- T1036 - Masquerading
- T1221 - Template Injection
- T1497 - Virtualization/Sandbox Evasion
- T1562 - Impair Defenses
- T1070 - Indicator Removal
- T1140 - Deobfuscate/Decode Files or Information
- T1202 - Indirect Command Execution
- T1218 - System Binary Proxy Execution
- T1127 - Trusted Developer Utilities Proxy Execution
- T1220 - XSL Script Processing
- T1553 - Subvert Trust Controls
Issued on
January 14, 2025
Expires on
Does not expire