Bypassing AV/EDR bingo - Call List

(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.

1. PPID spoofing
2. Direct Syscalls
3. Breaking process-child relationship
4. Dynamic API resolving
5. APC injection / Atombombing
6. Encryption
7. Process Mitigation Policy
8. Encoding
9. String concatenation
10. VM-based code execution
11. Compression
12. Kernel callbacks
13. Run-time binary modification
14. Hooking/ Unhooking
15. Packing
16. P/Invoke & D/Invoke
17. Code signing bypass
18. DLL injection
19. Uncommon programming language
20. ETWTi Patching
21. Hook Injection
22. PE injection
23. AMSI Patching
24. Process Injection