Revoke-Obfuscation v1.0
A PowerShell obfuscation detection framework designed to highlight the limitations of signature-based detection and provide a scalable means of detecting known and unknown obfuscation techniques.
Free751
Free751
Revoke-Obfuscation v1.0
A PowerShell obfuscation detection framework designed to highlight the limitations of signature-based detection and provide a scalable means of detecting known and unknown obfuscation techniques.
Data verified Apr 2026
ADYour product here. Reach security decision-makers.Launch a campaignRevoke-Obfuscation v1.0 Description
Revoke-Obfuscation is a PowerShell v3.0+ compatible PowerShell obfuscation detection framework. It was designed to highlight the limitations of a purely signature-based approach to detecting attackers' usage of PowerShell. It provides a new, scalable means of generically detecting both known and unknown obfuscation techniques. Authors: Daniel Bohannon (@danielhbohannon) Lee Holmes (@Lee_Homes) Research Blog Post: https://www.fireeye.com/blog/threat-research/2017/07/revoke-obfuscation-powershell.html White Paper: https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/revoke-obfuscation-report.pdf
Revoke-Obfuscation v1.0 FAQ
Common questions about Revoke-Obfuscation v1.0 including features, pricing, alternatives, and user reviews.
Revoke-Obfuscation v1.0 is A PowerShell obfuscation detection framework designed to highlight the limitations of signature-based detection and provide a scalable means of detecting known and unknown obfuscation techniques. It is a Security Operations solution designed to help security teams with Threat Research, Security Research, Obfuscation.
Have more questions? Browse our categories or search for specific tools.
