GET /api/techniques/32/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, DELETE, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept
{
"id": 32,
"key": "checking-installed-software",
"unprotect_id": "U1314",
"name": "Checking Installed Software",
"description": "By detecting the presence of certain software and tools commonly used in sandbox environments, such as Python interpreters, tracing utilities, debugging tools, and virtual machine software like VMware, it is possible to infer the existence of a sandbox. \r\n\r\nThis inference is based on the premise that such tools are often found in sandbox setups used for dynamic malware analysis but are less common in regular user environments.",
"resources": "https://www.theguardian.com/technology/blog/2011/nov/08/sandboxing-malware-failure\r\nhttps://evasions.checkpoint.com/techniques/human-like-behavior.html",
"creation_date": "2019-03-11T08:15:36Z",
"tags": "installed software, sandbox",
"modification_date": "2024-01-16T04:21:02.068000Z",
"category": [
1
],
"rules": [
153
],
"attachments": [],
"featured_api": [
315,
321,
328,
331
],
"contributors": [
33
]
}
