Daniel Roberson - malware checking for security software

Posts
About
Notes
Projects
Posts

About

Notes

Projects

malware checking for security software

0001-01-01

malware often attempts to determine if security tools or reverse engineering software is running on a host as a defensive measure. The malware, if it determines that it is being analyzed, can alter its execution flow to thwart analysis.

Links to this note

enumerate processes
malware checking for installed software

malware checking for security software

0001-01-01

Links to this note

Recent Posts

Linux Hardening: SSH

2025-03-06 DFIR SSH hardening linux hardening SSH PAM

Linux Anti-Forensics: Timestomping

2025-03-05 DFIR linux anti-forensics

Finding Bad with Linux Package Managers

2025-03-03 DFIR linux persistence

Linux Persistence: Startup Scripts

2024-11-10 DFIR CTF linux persistence systemd SysV init startup script

Linux Persistence: Cron

2024-11-10 DFIR CTF linux persistence cron