This is an overview of common process injection techniques used by malware, including AtomBombing, Process Hollowing (aka RunPE), and Process Doppelgänging.
My malware analysis course for beginners: www.udemy.com/course/windows-...
Buy me a coffee: ko-fi.com/struppigel
Follow me on Twitter: struppigel
My process injection overview infographic: struppigel.blogspot.com/2017/0...
Process Injection Techniques Gotta Catch Them All: i.blackhat.com/USA-19/Thursda...
Atom bombing: www.fortinet.com/blog/threat-...
Atom bombing: www.enisa.europa.eu/publicati...
Process Doppelgänging: hshrzd.wordpress.com/2017/12/...
Hasherezade's video on creating the illusion of executing a TXT file: Lost in Transaction: P...
DLL injection: en.wikipedia.org/wiki/DLL_inj...
DLL Injection via LoadLibrary/CreateRemoteThread: www.codeproject.com/Articles/...
DLL Search Order Hijacking (DLL injection that is not process injection): dmcxblue.gitbook.io/red-team-...
Backdooring PE files with shellcode (code injection that is not process injection): www.ired.team/offensive-secur...