Security audit events explained
The Security Audit report shows the events detected by the Advanced Anti-Exploit module grouped under the following categories:
Exploit - ROP
This category encapsulates the detections by the following exploit techniques:
ROP Emulation
ROP Stack Pivot
ROP Illegal call
ROP Stack Misaligned
ROP Return To Stack
ROP Make Stack Executable
ROP Create Thread
Exploit - Flash
This category encapsulates the detections by the following exploit techniques:
Flash Generic
Flash Payload
Exploit - Shellcode
This category encapsulates the detections by the following exploit techniques:
Shellcode Execution
Shellcode LoadLibrary
Exploit - Process Creation
This category encapsulates the detections by the following exploit techniques:
Obsolete Process Creation
Child Process Creation
Exploit - System
This category encapsulates the detections by the following exploit techniques:
Privilege Escalation
LSASS memory access
Exploit - Others
This category encapsulates the detections by the following exploit techniques:
Anti-Detour
Anti-Meterpreter