The first argument of a program’s command line, typically reflecting the program’s name/path and often referred to as argv[0], can in most cases be set to an arbitrary value without affecting the process’ flow. Making the case against argv[0], this post demonstrates how it can be used to deceive security analysts, bypass detections and break defensive software, across all main operating systems.