Windows command execution bypass

"whoami"
("whoami")
who"a"mi
who"a"^mi

Double quotation marks, parentheses and the caret (^, the XOR symbol) can be combined and the command still executes normally.
Two carets cannot be added in a row: the first is treated as an escape character, and the pair becomes a single ^.

Variable bypass

set a=1
echo a
echo %a%

set a=w
set b=hoami
%a%%b%

Use environment variables to bypass.

All environment variables can be listed by running set.
echo net%programfiles:~10,1%user
This takes a substring of the programfiles environment variable, starting at offset 10 and one character long. That character is a space, so the line becomes net user.
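
For detection, the forms above can be normalized before matching. The following is an added example, not part of the original post: a simplified model of cmd parsing that expands variables and substrings, resolves carets, drops quotes and unwraps parentheses. The names normalize, flag and DEFAULT_ENV, the watch list and the sample environment value are assumptions made for the example.

```python
import re

# Constructed environment for this example; real tooling would use the host's values.
DEFAULT_ENV = {"programfiles": r"C:\Program Files"}
_VAR = re.compile(r"%([A-Za-z_][\w()]*)(?::~(-?\d+)(?:,(-?\d+))?)?%")
_SET = re.compile(r"set\s+([^=\s]+)=(.*)", re.IGNORECASE)

def _expand(line, env):
    """Resolve %name% and %name:~offset,length%, which cmd expands first."""
    def repl(m):
        name, off, length = m.group(1).lower(), m.group(2), m.group(3)
        if name not in env:
            return m.group(0)  # unknown variable: keep the raw token
        val = env[name]
        if off is not None:  # negative offset/length count from the end
            val = val[int(off):][:int(length) if length is not None else None]
        return val
    return _VAR.sub(repl, line)

def _strip_escapes(s):
    """Drop double quotes and resolve carets (^x -> x, ^^ -> ^) outside quotes."""
    out, in_quotes, i = [], False, 0
    while i < len(s):
        if s[i] == '"':
            in_quotes = not in_quotes
        elif s[i] == "^" and not in_quotes:
            out.append(s[i + 1:i + 2])  # caret escapes the next character
            i += 1
        else:
            out.append(s[i])
        i += 1
    return "".join(out)

def normalize(lines, env=None):
    """Return each line as cmd effectively runs it, tracking `set` assignments."""
    env = dict(DEFAULT_ENV if env is None else env)
    result = []
    for line in lines:
        s = _strip_escapes(_expand(line, env)).strip()
        while s.startswith("(") and s.endswith(")"):
            s = s[1:-1].strip()  # unwrap a command enclosed in parentheses
        if (m := _SET.match(s)):
            env[m.group(1).lower()] = m.group(2)
        result.append(s)
    return result

def flag(lines, watch=("whoami", "net user")):
    """Raw lines whose normalized form contains a watched command string."""
    return [raw for raw, n in zip(lines, normalize(lines)) if any(w in n.lower() for w in watch)]
```

Matching on the normalized line rather than the raw one means a single watch string covers all of the variants listed above.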