Windows Command-Line Obfuscation

Many Windows applications have multiple ways in which the same command line can be expressed, usually for compatibility or ease-of-use reasons. As a result, command-line arguments are implemented inconsistently making detecting specific commands harder due to the number of variations. This post shows how more than 40 often-used, built-in Windows applications are vulnerable to forms of command-line obfuscation, and presents a tool for analysing other executables.

Commandline Obfusaction - Red Team Notes

Invoke-Obfuscation — Hiding Payloads To Avoid Detection

hacking-material-books/obfuscation/simple_obfuscation.md at master

vb.net - Obfuscation Automation by Using Post-Build Commands in

Windows Command Shell - Red Canary Threat Detection Report

PowerShell Obfuscation: Stealth Through Confusion, Part I

Commandline Obfusaction - Red Team Notes

Use command line

CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How

Obfuscated Command Line Detection Using Machine Learning - REAL

Flerken - Obfuscated Command Detection Tool - vulnerability

Windows Red Team Defense Evasion Techniques

Simple Obfuscation with PowerShell using Base64 Encoding