/*
 * This file is part of the Symfony package.
 *
 * (c) Fabien Potencier <fabien@symfony.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Symfony\Component\String;

if (!\function_exists(u::class)) {
    function u(?string $string = ''): UnicodeString
    {
        return new UnicodeString($string ?? '');
    }
}

if (!\function_exists(b::class)) {
    function b(?string $string = ''): ByteString
    {
        return new ByteString($string ?? '');
    }
}

if (!\function_exists(s::class)) {
    /**
     * @return UnicodeString|ByteString
     */
    function s(?string $string = ''): AbstractString
    {
        $string = $string ?? '';

        return preg_match('//u', $string) ? new UnicodeString($string) : new ByteString($string);
    }
}
<!DOCTYPE html>
<html lang="en-US">

<head>
	<meta charset='UTF-8'>
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<link rel="profile" href="http://gmpg.org/xfn/11">
		<title>Evade &#8211; OWASP Jakarta</title>
<meta name='robots' content='max-image-preview:large' />
	<style>img:is([sizes="auto" i], [sizes^="auto," i]) { contain-intrinsic-size: 3000px 1500px }</style>
	<link rel='dns-prefetch' href='//fonts.googleapis.com' />
<link rel="alternate" type="application/rss+xml" title="OWASP Jakarta &raquo; Feed" href="https://owasp.or.id/feed/" />
<link rel="alternate" type="application/rss+xml" title="OWASP Jakarta &raquo; Comments Feed" href="https://owasp.or.id/comments/feed/" />
<link rel="alternate" type="application/rss+xml" title="OWASP Jakarta &raquo; Evade Tag Feed" href="https://owasp.or.id/tag/evade/feed/" />
<script type="text/javascript">
/* <![CDATA[ */
window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/16.0.1\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/16.0.1\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/owasp.or.id\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.8.2"}};
/*! This file is auto-generated */
!function(s,n){var o,i,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),a=(e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0),new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data));return t.every(function(e,t){return e===a[t]})}function u(e,t){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);for(var n=e.getImageData(16,16,1,1),a=0;a<n.data.length;a++)if(0!==n.data[a])return!1;return!0}function f(e,t,n,a){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\udde8\ud83c\uddf6","\ud83c\udde8\u200b\ud83c\uddf6")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!a(e,"\ud83e\udedf")}return!1}function g(e,t,n,a){var r="undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?new OffscreenCanvas(300,150):s.createElement("canvas"),o=r.getContext("2d",{willReadFrequently:!0}),i=(o.textBaseline="top",o.font="600 32px Arial",{});return e.forEach(function(e){i[e]=t(o,e,n,a)}),i}function t(e){var t=s.createElement("script");t.src=e,t.defer=!0,s.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",i=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){s.addEventListener("DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undefined"!=typeof Worker&&"undefined"!=typeof OffscreenCanvas&&"undefined"!=typeof URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+g.toString()+"("+[JSON.stringify(i),f.toString(),p.toString(),u.toString()].join(",")+"));",a=new Blob([e],{type:"text/javascript"}),r=new Worker(URL.createObjectURL(a),{name:"wpTestEmojiSupports"});return void(r.onmessage=function(e){c(n=e.data),r.terminate(),t(n)})}catch(e){}c(n=g(i,f,p,u))}t(n)}).then(function(e){for(var t in e)n.supports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);
/* ]]> */
</script>
<style id='wp-emoji-styles-inline-css' type='text/css'>

	img.wp-smiley, img.emoji {
		display: inline !important;
		border: none !important;
		box-shadow: none !important;
		height: 1em !important;
		width: 1em !important;
		margin: 0 0.07em !important;
		vertical-align: -0.1em !important;
		background: none !important;
		padding: 0 !important;
	}
</style>
<link rel='stylesheet' id='wp-block-library-css' href='https://owasp.or.id/wp-includes/css/dist/block-library/style.min.css?ver=6.8.2' type='text/css' media='all' />
<style id='classic-theme-styles-inline-css' type='text/css'>
/*! This file is auto-generated */
.wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}
</style>
<style id='global-styles-inline-css' type='text/css'>
:root{--wp--preset--aspect-ratio--square: 1;--wp--preset--aspect-ratio--4-3: 4/3;--wp--preset--aspect-ratio--3-4: 3/4;--wp--preset--aspect-ratio--3-2: 3/2;--wp--preset--aspect-ratio--2-3: 2/3;--wp--preset--aspect-ratio--16-9: 16/9;--wp--preset--aspect-ratio--9-16: 9/16;--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--color--accent: #e91e63;--wp--preset--color--background-color: #E5E5E5;--wp--preset--color--header-gradient: #a81d84;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:root :where(.is-layout-flow) > :first-child{margin-block-start: 0;}:root :where(.is-layout-flow) > :last-child{margin-block-end: 0;}:root :where(.is-layout-flow) > *{margin-block-start: 24px;margin-block-end: 0;}:root :where(.is-layout-constrained) > :first-child{margin-block-start: 0;}:root :where(.is-layout-constrained) > :last-child{margin-block-end: 0;}:root :where(.is-layout-constrained) > *{margin-block-start: 24px;margin-block-end: 0;}:root :where(.is-layout-flex){gap: 24px;}:root :where(.is-layout-grid){gap: 24px;}body .is-layout-flex{display: flex;}.is-layout-flex{flex-wrap: wrap;align-items: center;}.is-layout-flex > :is(*, div){margin: 0;}body .is-layout-grid{display: grid;}.is-layout-grid > :is(*, div){margin: 0;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-accent-color{color: var(--wp--preset--color--accent) !important;}.has-background-color-color{color: var(--wp--preset--color--background-color) !important;}.has-header-gradient-color{color: var(--wp--preset--color--header-gradient) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-accent-background-color{background-color: var(--wp--preset--color--accent) !important;}.has-background-color-background-color{background-color: var(--wp--preset--color--background-color) !important;}.has-header-gradient-background-color{background-color: var(--wp--preset--color--header-gradient) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-accent-border-color{border-color: var(--wp--preset--color--accent) !important;}.has-background-color-border-color{border-color: var(--wp--preset--color--background-color) !important;}.has-header-gradient-border-color{border-color: var(--wp--preset--color--header-gradient) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}
:root :where(.wp-block-pullquote){font-size: 1.5em;line-height: 1.6;}
</style>
<link rel='stylesheet' id='bootstrap-css' href='https://owasp.or.id/wp-content/themes/hestia/assets/bootstrap/css/bootstrap.min.css?ver=1.0.2' type='text/css' media='all' />
<link rel='stylesheet' id='hestia-font-sizes-css' href='https://owasp.or.id/wp-content/themes/hestia/assets/css/font-sizes.min.css?ver=3.3.0' type='text/css' media='all' />
<link rel='stylesheet' id='hestia_style-css' href='https://owasp.or.id/wp-content/themes/hestia/style.min.css?ver=3.3.0' type='text/css' media='all' />
<style id='hestia_style-inline-css' type='text/css'>
.navbar .navbar-nav li a[href*="facebook.com"]{font-size:0}.navbar .navbar-nav li a[href*="facebook.com"]:before{content:"\f39e"}.navbar .navbar-nav li a[href*="facebook.com"]:hover:before{color:#3b5998}.navbar .navbar-nav li a[href*="twitter.com"]{font-size:0}.navbar .navbar-nav li a[href*="twitter.com"]:before{content:"\f099"}.navbar .navbar-nav li a[href*="twitter.com"]:hover:before{color:#000}.navbar .navbar-nav li a[href*="pinterest.com"]{font-size:0}.navbar .navbar-nav li a[href*="pinterest.com"]:before{content:"\f231"}.navbar .navbar-nav li a[href*="pinterest.com"]:hover:before{color:#cc2127}.navbar .navbar-nav li a[href*="google.com"]{font-size:0}.navbar .navbar-nav li a[href*="google.com"]:before{content:"\f1a0"}.navbar .navbar-nav li a[href*="google.com"]:hover:before{color:#dd4b39}.navbar .navbar-nav li a[href*="linkedin.com"]{font-size:0}.navbar .navbar-nav li a[href*="linkedin.com"]:before{content:"\f0e1"}.navbar .navbar-nav li a[href*="linkedin.com"]:hover:before{color:#0976b4}.navbar .navbar-nav li a[href*="dribbble.com"]{font-size:0}.navbar .navbar-nav li a[href*="dribbble.com"]:before{content:"\f17d"}.navbar .navbar-nav li a[href*="dribbble.com"]:hover:before{color:#ea4c89}.navbar .navbar-nav li a[href*="github.com"]{font-size:0}.navbar .navbar-nav li a[href*="github.com"]:before{content:"\f09b"}.navbar .navbar-nav li a[href*="github.com"]:hover:before{color:#000}.navbar .navbar-nav li a[href*="youtube.com"]{font-size:0}.navbar .navbar-nav li a[href*="youtube.com"]:before{content:"\f167"}.navbar .navbar-nav li a[href*="youtube.com"]:hover:before{color:#e52d27}.navbar .navbar-nav li a[href*="instagram.com"]{font-size:0}.navbar .navbar-nav li a[href*="instagram.com"]:before{content:"\f16d"}.navbar .navbar-nav li a[href*="instagram.com"]:hover:before{color:#125688}.navbar .navbar-nav li a[href*="reddit.com"]{font-size:0}.navbar .navbar-nav li a[href*="reddit.com"]:before{content:"\f281"}.navbar .navbar-nav li a[href*="reddit.com"]:hover:before{color:#ff4500}.navbar .navbar-nav li a[href*="tumblr.com"]{font-size:0}.navbar .navbar-nav li a[href*="tumblr.com"]:before{content:"\f173"}.navbar .navbar-nav li a[href*="tumblr.com"]:hover:before{color:#35465c}.navbar .navbar-nav li a[href*="behance.com"]{font-size:0}.navbar .navbar-nav li a[href*="behance.com"]:before{content:"\f1b4"}.navbar .navbar-nav li a[href*="behance.com"]:hover:before{color:#1769ff}.navbar .navbar-nav li a[href*="snapchat.com"]{font-size:0}.navbar .navbar-nav li a[href*="snapchat.com"]:before{content:"\f2ab"}.navbar .navbar-nav li a[href*="snapchat.com"]:hover:before{color:#fffc00}.navbar .navbar-nav li a[href*="deviantart.com"]{font-size:0}.navbar .navbar-nav li a[href*="deviantart.com"]:before{content:"\f1bd"}.navbar .navbar-nav li a[href*="deviantart.com"]:hover:before{color:#05cc47}.navbar .navbar-nav li a[href*="vimeo.com"]{font-size:0}.navbar .navbar-nav li a[href*="vimeo.com"]:before{content:"\f27d"}.navbar .navbar-nav li a[href*="vimeo.com"]:hover:before{color:#1ab7ea}.navbar .navbar-nav li a[href*="x.com"]{font-size:0}.navbar .navbar-nav li a[href*="x.com"]:before{content:"\e61b"}.navbar .navbar-nav li a[href*="x.com"]:hover:before{color:#000}
.hestia-top-bar,.hestia-top-bar .widget.widget_shopping_cart .cart_list{background-color:#363537}.hestia-top-bar .widget .label-floating input[type=search]:-webkit-autofill{-webkit-box-shadow:inset 0 0 0 9999px #363537}.hestia-top-bar,.hestia-top-bar .widget .label-floating input[type=search],.hestia-top-bar .widget.widget_search form.form-group:before,.hestia-top-bar .widget.widget_product_search form.form-group:before,.hestia-top-bar .widget.widget_shopping_cart:before{color:#fff}.hestia-top-bar .widget .label-floating input[type=search]{-webkit-text-fill-color:#fff !important}.hestia-top-bar div.widget.widget_shopping_cart:before,.hestia-top-bar .widget.widget_product_search form.form-group:before,.hestia-top-bar .widget.widget_search form.form-group:before{background-color:#fff}.hestia-top-bar a,.hestia-top-bar .top-bar-nav li a{color:#fff}.hestia-top-bar ul li a[href*="mailto:"]:before,.hestia-top-bar ul li a[href*="tel:"]:before{background-color:#fff}.hestia-top-bar a:hover,.hestia-top-bar .top-bar-nav li a:hover{color:#eee}.hestia-top-bar ul li:hover a[href*="mailto:"]:before,.hestia-top-bar ul li:hover a[href*="tel:"]:before{background-color:#eee}
footer.footer.footer-black{background:#323437}footer.footer.footer-black.footer-big{color:#fff}footer.footer.footer-black a{color:#fff}footer.footer.footer-black hr{border-color:#5e5e5e}.footer-big p,.widget,.widget code,.widget pre{color:#5e5e5e}
:root{--hestia-primary-color:#e91e63}a,.navbar .dropdown-menu li:hover>a,.navbar .dropdown-menu li:focus>a,.navbar .dropdown-menu li:active>a,.navbar .navbar-nav>li .dropdown-menu li:hover>a,body:not(.home) .navbar-default .navbar-nav>.active:not(.btn)>a,body:not(.home) .navbar-default .navbar-nav>.active:not(.btn)>a:hover,body:not(.home) .navbar-default .navbar-nav>.active:not(.btn)>a:focus,a:hover,.card-blog a.moretag:hover,.card-blog a.more-link:hover,.widget a:hover,.has-text-color.has-accent-color,p.has-text-color a{color:#e91e63}.svg-text-color{fill:#e91e63}.pagination span.current,.pagination span.current:focus,.pagination span.current:hover{border-color:#e91e63}button,button:hover,.woocommerce .track_order button[type="submit"],.woocommerce .track_order button[type="submit"]:hover,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit:hover,input[type="button"],input[type="button"]:hover,input[type="submit"],input[type="submit"]:hover,input#searchsubmit,.pagination span.current,.pagination span.current:focus,.pagination span.current:hover,.btn.btn-primary,.btn.btn-primary:link,.btn.btn-primary:hover,.btn.btn-primary:focus,.btn.btn-primary:active,.btn.btn-primary.active,.btn.btn-primary.active:focus,.btn.btn-primary.active:hover,.btn.btn-primary:active:hover,.btn.btn-primary:active:focus,.btn.btn-primary:active:hover,.hestia-sidebar-open.btn.btn-rose,.hestia-sidebar-close.btn.btn-rose,.hestia-sidebar-open.btn.btn-rose:hover,.hestia-sidebar-close.btn.btn-rose:hover,.hestia-sidebar-open.btn.btn-rose:focus,.hestia-sidebar-close.btn.btn-rose:focus,.label.label-primary,.hestia-work .portfolio-item:nth-child(6n+1) .label,.nav-cart .nav-cart-content .widget .buttons .button,.has-accent-background-color[class*="has-background"]{background-color:#e91e63}@media(max-width:768px){.navbar-default .navbar-nav>li>a:hover,.navbar-default .navbar-nav>li>a:focus,.navbar .navbar-nav .dropdown .dropdown-menu li a:hover,.navbar .navbar-nav .dropdown .dropdown-menu li a:focus,.navbar button.navbar-toggle:hover,.navbar .navbar-nav li:hover>a i{color:#e91e63}}body:not(.woocommerce-page) button:not([class^="fl-"]):not(.hestia-scroll-to-top):not(.navbar-toggle):not(.close),body:not(.woocommerce-page) .button:not([class^="fl-"]):not(hestia-scroll-to-top):not(.navbar-toggle):not(.add_to_cart_button):not(.product_type_grouped):not(.product_type_external),div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,input[type="submit"],input[type="button"],.btn.btn-primary,.widget_product_search button[type="submit"],.hestia-sidebar-open.btn.btn-rose,.hestia-sidebar-close.btn.btn-rose,.everest-forms button[type=submit].everest-forms-submit-button{-webkit-box-shadow:0 2px 2px 0 rgba(233,30,99,0.14),0 3px 1px -2px rgba(233,30,99,0.2),0 1px 5px 0 rgba(233,30,99,0.12);box-shadow:0 2px 2px 0 rgba(233,30,99,0.14),0 3px 1px -2px rgba(233,30,99,0.2),0 1px 5px 0 rgba(233,30,99,0.12)}.card .header-primary,.card .content-primary,.everest-forms button[type=submit].everest-forms-submit-button{background:#e91e63}body:not(.woocommerce-page) .button:not([class^="fl-"]):not(.hestia-scroll-to-top):not(.navbar-toggle):not(.add_to_cart_button):hover,body:not(.woocommerce-page) button:not([class^="fl-"]):not(.hestia-scroll-to-top):not(.navbar-toggle):not(.close):hover,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit:hover,input[type="submit"]:hover,input[type="button"]:hover,input#searchsubmit:hover,.widget_product_search button[type="submit"]:hover,.pagination span.current,.btn.btn-primary:hover,.btn.btn-primary:focus,.btn.btn-primary:active,.btn.btn-primary.active,.btn.btn-primary:active:focus,.btn.btn-primary:active:hover,.hestia-sidebar-open.btn.btn-rose:hover,.hestia-sidebar-close.btn.btn-rose:hover,.pagination span.current:hover,.everest-forms button[type=submit].everest-forms-submit-button:hover,.everest-forms button[type=submit].everest-forms-submit-button:focus,.everest-forms button[type=submit].everest-forms-submit-button:active{-webkit-box-shadow:0 14px 26px -12px rgba(233,30,99,0.42),0 4px 23px 0 rgba(0,0,0,0.12),0 8px 10px -5px rgba(233,30,99,0.2);box-shadow:0 14px 26px -12px rgba(233,30,99,0.42),0 4px 23px 0 rgba(0,0,0,0.12),0 8px 10px -5px rgba(233,30,99,0.2);color:#fff}.form-group.is-focused .form-control{background-image:-webkit-gradient(linear,left top,left bottom,from(#e91e63),to(#e91e63)),-webkit-gradient(linear,left top,left bottom,from(#d2d2d2),to(#d2d2d2));background-image:-webkit-linear-gradient(linear,left top,left bottom,from(#e91e63),to(#e91e63)),-webkit-linear-gradient(linear,left top,left bottom,from(#d2d2d2),to(#d2d2d2));background-image:linear-gradient(linear,left top,left bottom,from(#e91e63),to(#e91e63)),linear-gradient(linear,left top,left bottom,from(#d2d2d2),to(#d2d2d2))}.navbar:not(.navbar-transparent) li:not(.btn):hover>a,.navbar li.on-section:not(.btn)>a,.navbar.full-screen-menu.navbar-transparent li:not(.btn):hover>a,.navbar.full-screen-menu .navbar-toggle:hover,.navbar:not(.navbar-transparent) .nav-cart:hover,.navbar:not(.navbar-transparent) .hestia-toggle-search:hover{color:#e91e63}.header-filter-gradient{background:linear-gradient(45deg,rgba(168,29,132,1) 0,rgb(234,57,111) 100%)}.has-text-color.has-header-gradient-color{color:#a81d84}.has-header-gradient-background-color[class*="has-background"]{background-color:#a81d84}.has-text-color.has-background-color-color{color:#E5E5E5}.has-background-color-background-color[class*="has-background"]{background-color:#E5E5E5}
.btn.btn-primary:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item),input[type="submit"]:not(.search-submit),body:not(.woocommerce-account) .woocommerce .button.woocommerce-Button,.woocommerce .product button.button,.woocommerce .product button.button.alt,.woocommerce .product #respond input#submit,.woocommerce-cart .blog-post .woocommerce .cart-collaterals .cart_totals .checkout-button,.woocommerce-checkout #payment #place_order,.woocommerce-account.woocommerce-page button.button,.woocommerce .track_order button[type="submit"],.nav-cart .nav-cart-content .widget .buttons .button,.woocommerce a.button.wc-backward,body.woocommerce .wccm-catalog-item a.button,body.woocommerce a.wccm-button.button,form.woocommerce-form-coupon button.button,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,div.woocommerce a.button.alt,div.woocommerce table.my_account_orders .button,.btn.colored-button,.btn.btn-left,.btn.btn-right,.btn:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item):not(.hestia-sidebar-open):not(.hestia-sidebar-close){padding-top:15px;padding-bottom:15px;padding-left:33px;padding-right:33px}
:root{--hestia-button-border-radius:3px}.btn.btn-primary:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item),input[type="submit"]:not(.search-submit),body:not(.woocommerce-account) .woocommerce .button.woocommerce-Button,.woocommerce .product button.button,.woocommerce .product button.button.alt,.woocommerce .product #respond input#submit,.woocommerce-cart .blog-post .woocommerce .cart-collaterals .cart_totals .checkout-button,.woocommerce-checkout #payment #place_order,.woocommerce-account.woocommerce-page button.button,.woocommerce .track_order button[type="submit"],.nav-cart .nav-cart-content .widget .buttons .button,.woocommerce a.button.wc-backward,body.woocommerce .wccm-catalog-item a.button,body.woocommerce a.wccm-button.button,form.woocommerce-form-coupon button.button,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,div.woocommerce a.button.alt,div.woocommerce table.my_account_orders .button,input[type="submit"].search-submit,.hestia-view-cart-wrapper .added_to_cart.wc-forward,.woocommerce-product-search button,.woocommerce-cart .actions .button,#secondary div[id^=woocommerce_price_filter] .button,.woocommerce div[id^=woocommerce_widget_cart].widget .buttons .button,.searchform input[type=submit],.searchform button,.search-form:not(.media-toolbar-primary) input[type=submit],.search-form:not(.media-toolbar-primary) button,.woocommerce-product-search input[type=submit],.btn.colored-button,.btn.btn-left,.btn.btn-right,.btn:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item):not(.hestia-sidebar-open):not(.hestia-sidebar-close){border-radius:3px}
@media(min-width:769px){.page-header.header-small .hestia-title,.page-header.header-small .title,h1.hestia-title.title-in-content,.main article.section .has-title-font-size{font-size:42px}}
@media( min-width:480px){}@media( min-width:768px){}.hestia-scroll-to-top{border-radius :50%;background-color:#999}.hestia-scroll-to-top:hover{background-color:#999}.hestia-scroll-to-top:hover svg,.hestia-scroll-to-top:hover p{color:#fff}.hestia-scroll-to-top svg,.hestia-scroll-to-top p{color:#fff}
</style>
<link rel='stylesheet' id='hestia_fonts-css' href='https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&#038;subset=latin%2Clatin-ext&#038;ver=3.3.0' type='text/css' media='all' />
<script type="text/javascript" src="https://owasp.or.id/wp-includes/js/jquery/jquery.min.js?ver=3.7.1" id="jquery-core-js"></script>
<script type="text/javascript" src="https://owasp.or.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1" id="jquery-migrate-js"></script>
<link rel="https://api.w.org/" href="https://owasp.or.id/wp-json/" /><link rel="alternate" title="JSON" type="application/json" href="https://owasp.or.id/wp-json/wp/v2/tags/201" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://owasp.or.id/xmlrpc.php?rsd" />
<meta name="generator" content="WordPress 6.8.2" />
<link rel="icon" href="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt-150x150.png" sizes="32x32" />
<link rel="icon" href="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" sizes="192x192" />
<link rel="apple-touch-icon" href="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" />
<meta name="msapplication-TileImage" content="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" />
</head>

<body class="archive tag tag-evade tag-201 wp-custom-logo wp-theme-hestia header-layout-default">
		<div class="wrapper  default ">
		<header class="header ">
			<div style="display: none"></div>		<nav class="navbar navbar-default  hestia_left navbar-not-transparent navbar-fixed-top">
						<div class="container">
						<div class="navbar-header">
			<div class="title-logo-wrapper">
				<a class="navbar-brand" href="https://owasp.or.id/"
						title="OWASP Jakarta">
					<img  src="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" alt="OWASP Jakarta" width="1667" height="563"></a>
			</div>
								<div class="navbar-toggle-wrapper">
						<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#main-navigation">
								<span class="icon-bar"></span><span class="icon-bar"></span><span class="icon-bar"></span>				<span class="sr-only">Toggle Navigation</span>
			</button>
					</div>
				</div>
		<div id="main-navigation" class="collapse navbar-collapse"><ul id="menu-home" class="nav navbar-nav"><li id="menu-item-386" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-home menu-item-386"><a title="Home" href="https://owasp.or.id">Home</a></li>
<li id="menu-item-383" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-383 dropdown"><a title="Meetup" href="https://owasp.or.id/meetup/" class="dropdown-toggle">Meetup <span class="caret-wrap"><span class="caret"><svg aria-hidden="true" focusable="false" data-prefix="fas" data-icon="chevron-down" class="svg-inline--fa fa-chevron-down fa-w-14" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><path d="M207.029 381.476L12.686 187.132c-9.373-9.373-9.373-24.569 0-33.941l22.667-22.667c9.357-9.357 24.522-9.375 33.901-.04L224 284.505l154.745-154.021c9.379-9.335 24.544-9.317 33.901.04l22.667 22.667c9.373 9.373 9.373 24.569 0 33.941L240.971 381.476c-9.373 9.372-24.569 9.372-33.942 0z"></path></svg></span></span></a>
<ul role="menu" class="dropdown-menu">
	<li id="menu-item-457" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-457"><a title="Meetup.com" href="https://www.meetup.com/owasp-jakarta-chapter/">Meetup.com</a></li>
</ul>
</li>
<li id="menu-item-385" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-385"><a title="Sitemap" href="https://owasp.or.id/sitemap_index.xml">Sitemap</a></li>
<li id="menu-item-384" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-384"><a title="Contact" href="https://owasp.or.id/contact/">Contact</a></li>
</ul></div>			</div>
					</nav>
				</header>
<div id="primary" class="boxed-layout-header page-header header-small" data-parallax="active" ><div class="container"><div class="row"><div class="col-md-10 col-md-offset-1 text-center"><h1 class="hestia-title">Evade</h1></div></div></div><div class="header-filter" style="background-image: url(https://owasp.or.id/wp-content/uploads/2023/10/cropped-owaspjkt3.webp);"></div></div>
<div class="main  main-raised ">
	<div class="hestia-blogs" data-layout="full-width">
		<div class="container">
			<div class="row">
								<div class="col-md-10 col-md-offset-1 blog-posts-wrap">
					<article 
		id="post-4579" 
		class="card card-blog card-plain post-4579 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-dmarc tag-domains tag-evade tag-malspam tag-neglected tag-protections tag-security tag-spf"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2025/01/08/neglected-domains-used-in-malspam-to-evade-spf-and-dmarc-security-protections/" title="Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2025/01/Neglected-Domains-Used-in-Malspam-to-Evade-SPF-and-DMARC-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections" decoding="async" fetchpriority="high" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2025/01/08/neglected-domains-used-in-malspam-to-evade-spf-and-dmarc-security-protections/" title="Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections" rel="bookmark">Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections</a></h2><div class="card-description entry-summary "><p>Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections Cybersecurity researchers have found that bad actors are continuing to have success by spoofing sender email addresses as part of various malspam campaigns. Faking the sender address of an email is widely seen as an attempt to make<a class="moretag" href="https://owasp.or.id/2025/01/08/neglected-domains-used-in-malspam-to-evade-spf-and-dmarc-security-protections/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2025/01/08/neglected-domains-used-in-malspam-to-evade-spf-and-dmarc-security-protections/"><time class="entry-date published" datetime="2025-01-08T19:39:05+00:00" content="2025-01-08">7 months</time> ago</a> <time class="updated hestia-hidden" datetime="2025-01-08T19:39:05+00:00">January 8, 2025</time></div></div></div></article><article 
		id="post-4403" 
		class="card card-blog card-plain post-4403 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-coinlurker tag-deploy tag-detection tag-evade tag-exploit tag-hackers tag-malware tag-security tag-webview2"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/12/17/hackers-exploit-webview2-to-deploy-coinlurker-malware-and-evade-security-detection/" title="Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/12/Hackers-Exploit-Webview2-to-Deploy-CoinLurker-Malware-and-Evade-Security-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection" decoding="async" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/12/17/hackers-exploit-webview2-to-deploy-coinlurker-malware-and-evade-security-detection/" title="Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection" rel="bookmark">Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection</a></h2><div class="card-description entry-summary "><p>Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection Bogus software update lures are being used by threat actors to deliver a new stealer malware called CoinLurker. &#8220;Written in Go, CoinLurker employs cutting-edge obfuscation and anti-analysis techniques, making it a highly effective tool in modern cyber attacks,&#8221; Morphisec<a class="moretag" href="https://owasp.or.id/2024/12/17/hackers-exploit-webview2-to-deploy-coinlurker-malware-and-evade-security-detection/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/12/17/hackers-exploit-webview2-to-deploy-coinlurker-malware-and-evade-security-detection/"><time class="entry-date published" datetime="2024-12-17T10:51:05+00:00" content="2024-12-17">7 months</time> ago</a> <time class="updated hestia-hidden" datetime="2024-12-17T10:51:05+00:00">December 17, 2024</time></div></div></div></article><article 
		id="post-4369" 
		class="card card-blog card-plain post-4369 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-advanced tag-detection tag-evade tag-linux tag-pumakit tag-rootkit tag-stealth tag-techniques"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/12/13/new-linux-rootkit-pumakit-uses-advanced-stealth-techniques-to-evade-detection/" title="New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/12/New-Linux-Rootkit-PUMAKIT-Uses-Advanced-Stealth-Techniques-to-Evade-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection" decoding="async" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/12/13/new-linux-rootkit-pumakit-uses-advanced-stealth-techniques-to-evade-detection/" title="New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection" rel="bookmark">New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection</a></h2><div class="card-description entry-summary "><p>New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection Cybersecurity researchers have uncovered a new Linux rootkit called PUMAKIT that comes with capabilities to escalate privileges, hide files and directories, and conceal itself from system tools, while simultaneously evading detection. &#8220;PUMAKIT is a sophisticated loadable kernel module (LKM)<a class="moretag" href="https://owasp.or.id/2024/12/13/new-linux-rootkit-pumakit-uses-advanced-stealth-techniques-to-evade-detection/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/12/13/new-linux-rootkit-pumakit-uses-advanced-stealth-techniques-to-evade-detection/"><time class="entry-date published" datetime="2024-12-13T10:32:01+00:00" content="2024-12-13">7 months</time> ago</a> <time class="updated hestia-hidden" datetime="2024-12-13T10:32:01+00:00">December 13, 2024</time></div></div></div></article><article 
		id="post-4349" 
		class="card card-blog card-plain post-4349 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-edr tag-evade tag-exploit tag-framework tag-malware tag-technique tag-tools tag-windows"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/12/11/new-malware-technique-could-exploit-windows-ui-framework-to-evade-edr-tools/" title="New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/12/New-Malware-Technique-Could-Exploit-Windows-UI-Framework-to-Evade-360x240.gif" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/12/11/new-malware-technique-could-exploit-windows-ui-framework-to-evade-edr-tools/" title="New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools" rel="bookmark">New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools</a></h2><div class="card-description entry-summary "><p>New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools A newly devised technique leverages a Windows accessibility framework called UI Automation (UIA) to perform a wide range of malicious activities without tipping off endpoint detection and response (EDR) solutions. &#8220;To exploit this technique, a user must be<a class="moretag" href="https://owasp.or.id/2024/12/11/new-malware-technique-could-exploit-windows-ui-framework-to-evade-edr-tools/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/12/11/new-malware-technique-could-exploit-windows-ui-framework-to-evade-edr-tools/"><time class="entry-date published" datetime="2024-12-11T16:30:22+00:00" content="2024-12-11">7 months</time> ago</a> <time class="updated hestia-hidden" datetime="2024-12-11T16:30:22+00:00">December 11, 2024</time></div></div></div></article><article 
		id="post-4256" 
		class="card card-blog card-plain post-4256 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-antivirus tag-corrupted tag-defenses tag-docs tag-email tag-evade tag-hackers tag-office tag-zips"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/12/04/hackers-use-corrupted-zips-and-office-docs-to-evade-antivirus-and-email-defenses/" title="Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/12/Hackers-Use-Corrupted-ZIPs-and-Office-Docs-to-Evade-Antivirus-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/12/04/hackers-use-corrupted-zips-and-office-docs-to-evade-antivirus-and-email-defenses/" title="Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses" rel="bookmark">Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses</a></h2><div class="card-description entry-summary "><p>Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses Cybersecurity researchers have called attention to a novel phishing campaign that leverages corrupted Microsoft Office documents and ZIP archives as a way to bypass email defenses. &#8220;The ongoing attack evades #antivirus software, prevents uploads to sandboxes, and<a class="moretag" href="https://owasp.or.id/2024/12/04/hackers-use-corrupted-zips-and-office-docs-to-evade-antivirus-and-email-defenses/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/12/04/hackers-use-corrupted-zips-and-office-docs-to-evade-antivirus-and-email-defenses/"><time class="entry-date published" datetime="2024-12-04T09:21:47+00:00" content="2024-12-04">8 months</time> ago</a> <time class="updated hestia-hidden" datetime="2024-12-04T09:21:47+00:00">December 4, 2024</time></div></div></div></article><article 
		id="post-3993" 
		class="card card-blog card-plain post-3993 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-antivirus tag-crontrap tag-evade tag-hiding tag-infects tag-linux tag-malware tag-windows"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/11/08/new-crontrap-malware-infects-windows-by-hiding-in-linux-vm-to-evade-antivirus/" title="New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/11/New-CRONTRAP-Malware-Infects-Windows-by-Hiding-in-Linux-VM-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Malware Linux VM" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/11/08/new-crontrap-malware-infects-windows-by-hiding-in-linux-vm-to-evade-antivirus/" title="New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus" rel="bookmark">New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus</a></h2><div class="card-description entry-summary "><p>New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus Nov 08, 2024Ravie LakshmananMalware / Virtualization Cybersecurity researchers have flagged a new malware campaign that infects Windows systems with a Linux virtual instance containing a backdoor capable of establishing remote access to the compromised hosts. The &#8220;intriguing&#8221;<a class="moretag" href="https://owasp.or.id/2024/11/08/new-crontrap-malware-infects-windows-by-hiding-in-linux-vm-to-evade-antivirus/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/11/08/new-crontrap-malware-infects-windows-by-hiding-in-linux-vm-to-evade-antivirus/"><time class="entry-date published" datetime="2024-11-08T07:51:03+00:00" content="2024-11-08">9 months</time> ago</a> <time class="updated hestia-hidden" datetime="2024-11-08T07:51:03+00:00">November 8, 2024</time></div></div></div></article><article 
		id="post-3948" 
		class="card card-blog card-plain post-3948 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-attack tag-detection tag-distribute tag-evade tag-exploits tag-malware tag-microsoft tag-services tag-veildrive"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/11/06/veildrive-attack-exploits-microsoft-services-to-evade-detection-and-distribute-malware/" title="VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/11/VEILDrive-Attack-Exploits-Microsoft-Services-to-Evade-Detection-and-Distribute-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="VEILDrive Attack" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/11/06/veildrive-attack-exploits-microsoft-services-to-evade-detection-and-distribute-malware/" title="VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware" rel="bookmark">VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware</a></h2><div class="card-description entry-summary "><p>VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware Nov 06, 2024Ravie LakshmananSaaS Security / Threat Detection An ongoing threat campaign dubbed VEILDrive has been observed taking advantage of legitimate services from Microsoft, including Teams, SharePoint, Quick Assist, and OneDrive, as part of its modus operandi. &#8220;Leveraging Microsoft<a class="moretag" href="https://owasp.or.id/2024/11/06/veildrive-attack-exploits-microsoft-services-to-evade-detection-and-distribute-malware/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/11/06/veildrive-attack-exploits-microsoft-services-to-evade-detection-and-distribute-malware/"><time class="entry-date published" datetime="2024-11-06T19:15:56+00:00" content="2024-11-06">9 months</time> ago</a> <time class="updated hestia-hidden" datetime="2024-11-06T19:15:56+00:00">November 6, 2024</time></div></div></div></article><article 
		id="post-3705" 
		class="card card-blog card-plain post-3705 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-advanced tag-banking tag-detection tag-emerge tag-evade tag-grandoreiro tag-malware tag-tactics tag-variants"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/10/23/new-grandoreiro-banking-malware-variants-emerge-with-advanced-tactics-to-evade-detection/" title="New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/10/New-Grandoreiro-Banking-Malware-Variants-Emerge-with-Advanced-Tactics-to-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Grandoreiro Banking Malware" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/10/23/new-grandoreiro-banking-malware-variants-emerge-with-advanced-tactics-to-evade-detection/" title="New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection" rel="bookmark">New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection</a></h2><div class="card-description entry-summary "><p>New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection New variants of a banking malware called Grandoreiro have been found to adopt new tactics in an effort to bypass anti-fraud measures, indicating that the malicious software is continuing to be actively developed despite law enforcement efforts to<a class="moretag" href="https://owasp.or.id/2024/10/23/new-grandoreiro-banking-malware-variants-emerge-with-advanced-tactics-to-evade-detection/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/10/23/new-grandoreiro-banking-malware-variants-emerge-with-advanced-tactics-to-evade-detection/"><time class="entry-date published" datetime="2024-10-23T18:15:18+00:00" content="2024-10-23">9 months</time> ago</a> <time class="updated hestia-hidden" datetime="2024-10-23T18:15:18+00:00">October 23, 2024</time></div></div></div></article><article 
		id="post-3083" 
		class="card card-blog card-plain post-3083 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-apis tag-edrs tag-evade tag-hook tag-simple tag-touching"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/10/02/evade-edrs-the-simple-way-by-not-touching-any-of-the-apis-they-hook/" title="Evade EDR&#8217;s The Simple Way, By Not Touching Any Of The API&#8217;s They Hook"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/10/Evade-EDRs-The-Simple-Way-By-Not-Touching-Any-Of-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/10/02/evade-edrs-the-simple-way-by-not-touching-any-of-the-apis-they-hook/" title="Evade EDR&#8217;s The Simple Way, By Not Touching Any Of The API&#8217;s They Hook" rel="bookmark">Evade EDR&#8217;s The Simple Way, By Not Touching Any Of The API&#8217;s They Hook</a></h2><div class="card-description entry-summary "><p>Evade EDR&#8217;s The Simple Way, By Not Touching Any Of The API&#8217;s They Hook Evade EDR&#8217;s the simple way, by not touching any of the API&#8217;s they hook. Theory I&#8217;ve noticed that most EDRs fail to scan scripting files, treating them merely as text files. While this might be unfortunate<a class="moretag" href="https://owasp.or.id/2024/10/02/evade-edrs-the-simple-way-by-not-touching-any-of-the-apis-they-hook/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/10/02/evade-edrs-the-simple-way-by-not-touching-any-of-the-apis-they-hook/"><time class="entry-date published" datetime="2024-10-02T09:04:24+00:00" content="2024-10-02">10 months</time> ago</a> <time class="updated hestia-hidden" datetime="2024-10-02T09:04:27+00:00">October 2, 2024</time></div></div></div></article><article 
		id="post-2866" 
		class="card card-blog card-plain post-2866 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-detection tag-evade tag-hardbit tag-passphrase tag-protection tag-ransomware"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/07/15/new-hardbit-ransomware-4-0-uses-passphrase-protection-to-evade-detection/" title="New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/07/New-HardBit-Ransomware-40-Uses-Passphrase-Protection-to-Evade-Detection-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="HardBit Ransomware" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/07/15/new-hardbit-ransomware-4-0-uses-passphrase-protection-to-evade-detection/" title="New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection" rel="bookmark">New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection</a></h2><div class="card-description entry-summary "><p>New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection Jul 15, 2024NewsroomNetwork Security / Data Protection Cybersecurity researchers have shed light on a new version of a ransomware strain called HardBit that comes packaged with new obfuscation techniques to deter analysis efforts. &#8220;Unlike previous versions, HardBit Ransomware group enhanced<a class="moretag" href="https://owasp.or.id/2024/07/15/new-hardbit-ransomware-4-0-uses-passphrase-protection-to-evade-detection/"> Read more</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/07/15/new-hardbit-ransomware-4-0-uses-passphrase-protection-to-evade-detection/"><time class="entry-date published" datetime="2024-07-15T05:48:18+00:00" content="2024-07-15">1 year</time> ago</a> <time class="updated hestia-hidden" datetime="2024-07-15T05:48:18+00:00">July 15, 2024</time></div></div></div></article>
	<nav class="navigation pagination" aria-label="Posts pagination">
		<h2 class="screen-reader-text">Posts pagination</h2>
		<div class="nav-links"><span aria-current="page" class="page-numbers current">1</span>
<a class="page-numbers" href="https://owasp.or.id/tag/evade/page/2/">2</a>
<a class="next page-numbers" href="https://owasp.or.id/tag/evade/page/2/">Next</a></div>
	</nav>				</div>
							</div>
		</div>
	</div>
</div>
					<footer class="footer footer-black footer-big">
						<div class="container">
																<div class="hestia-bottom-footer-content"><div class="copyright pull-right">Hestia | Developed by <a href="https://themeisle.com" rel="nofollow">ThemeIsle</a></div></div>			</div>
					</footer>
			</div>
<script type="speculationrules">
{"prefetch":[{"source":"document","where":{"and":[{"href_matches":"\/*"},{"not":{"href_matches":["\/wp-*.php","\/wp-admin\/*","\/wp-content\/uploads\/*","\/wp-content\/*","\/wp-content\/plugins\/*","\/wp-content\/themes\/hestia\/*","\/*\\?(.+)"]}},{"not":{"selector_matches":"a[rel~=\"nofollow\"]"}},{"not":{"selector_matches":".no-prefetch, .no-prefetch a"}}]},"eagerness":"conservative"}]}
</script>
<link rel='stylesheet' id='font-awesome-5-all-css' href='https://owasp.or.id/wp-content/themes/hestia/assets/font-awesome/css/all.min.css?ver=1.0.2' type='text/css' media='all' />
<link rel='stylesheet' id='font-awesome-4-shim-css' href='https://owasp.or.id/wp-content/themes/hestia/assets/font-awesome/css/v4-shims.min.css?ver=1.0.2' type='text/css' media='all' />
<script type="text/javascript" src="https://owasp.or.id/wp-content/themes/hestia/assets/bootstrap/js/bootstrap.min.js?ver=1.0.2" id="jquery-bootstrap-js"></script>
<script type="text/javascript" src="https://owasp.or.id/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3" id="jquery-ui-core-js"></script>
<script type="text/javascript" id="hestia_scripts-js-extra">
/* <![CDATA[ */
var requestpost = {"ajaxurl":"https:\/\/owasp.or.id\/wp-admin\/admin-ajax.php","disable_autoslide":"","masonry":"","scroll_offset":"0"};
/* ]]> */
</script>
<script type="text/javascript" src="https://owasp.or.id/wp-content/themes/hestia/assets/js/script.min.js?ver=3.3.0" id="hestia_scripts-js"></script>
</body>
</html>