Skip to main content
Cyber Defense TacticsCyber Defense Tactics
HomeLearnResourcesBlogCommunity
Cyber Defense TacticsCyber Defense Tactics

Learn defensive security, leverage AI for cyber defense, and join a community of security professionals.

Learning

  • Blog
  • Resources
  • Newsletter

Community

  • Discord
  • YouTube
  • About

Legal

  • Privacy Policy
  • Terms of Service

© 2026 Cyber Defense Tactics. All rights reserved.

A Carbene.AI Project

Back to ATT&CK Hub
T1027

Obfuscated Files or Information

Defense Evasion
Featured

Adversaries may attempt to make payloads difficult to discover or analyze by encoding, encrypting, or obfuscating contents.

View on MITRE ATT&CK

Real-World Example

Cobalt Strike beacons often use XOR encoding and base64 to obfuscate their payloads, evading signature-based detection.

Defense Strategies

  • Behavior-based detection
  • Sandboxing and dynamic analysis
  • Memory scanning
  • Machine learning detection models

Detection Methods

  • Detect encoding patterns in scripts
  • Monitor for suspicious encoding operations
  • Analyze entropy of files
  • Behavioral analysis of execution

Related Techniques in Defense Evasion

T1070

Indicator Removal

Ready to explore more techniques and join the community?