
Bypassing AV/EDR bingo - Call List

Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, a tally mark, etc.) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.


  1. AMSI Patching
  2. APC injection / Atombombing
  3. Hook Injection
  4. Direct Syscalls
  5. Process Injection
  6. String concatenation
  7. DLL injection
  8. Hooking / Unhooking
  9. Dynamic API resolving
  10. Uncommon programming language
  11. Code signing bypass
  12. Packing
  13. ETWTi Patching
  14. Kernel callbacks
  15. Encoding
  16. Process Mitigation Policy
  17. P/Invoke & D/Invoke
  18. VM-based code execution
  19. PE injection
  20. Breaking process-child relationship
  21. PPID spoofing
  22. Run-time binary modification
  23. Encryption
  24. Compression