Process Injection Techniques: Deep Dive into Process Hollowing & Shellcode

Sdílet
Vložit
  • čas přidán 6. 09. 2024
  • An advanced form of process injection used by malicious actors and red teamers to evade detection is process hollowing. This technique leverages a combination of documented and undocumented Windows APIs. Process hollowing involves starting a legitimate process in a suspended state, then replacing its original code with malicious code from the attacker. This makes the process appear legitimate to security software or anyone investigating system activity.
    Shellcode is commonly used to both perform process hollowing and as the code that is executed in the hollowed process. Shellcode inherently provides a layer of obfuscation through the special techniques it has to perform in order to operate.
    In this session, we'll delve into the inner workings of process hollowing, exploring how attackers leverage it to bypass detection. We'll also explore the world of shellcode and its unique characteristics.
    Josh's training: ringzer0.train...
  • Zábava

Komentáře • 4

Další v pořadí
Automatické přehrávání
Creative Windows Evasion and Forensics with Yarden Shafir1:14:19Creative Windows Evasion and Forensics with Yarden Shafir
Creative Windows Evasion and Forensics with Yarden ShafirOff By One Security
zhlédnutí 2,5K
ATT&CK Deep Dive: Process Injection1:05:08ATT&CK Deep Dive: Process Injection
ATT&CK Deep Dive: Process InjectionRed Canary
zhlédnutí 10K
IDA Pro Productivity Tips & Tricks!1:43:23IDA Pro Productivity Tips & Tricks!
IDA Pro Productivity Tips & Tricks!Off By One Security
zhlédnutí 1,3K
Wait for it… 😱 #shorts00:14Wait for it… 😱 #shorts
Wait for it… 😱 #shortsBugworkout
zhlédnutí 2,2M
Něco na posilnění! 😅00:35Něco na posilnění! 😅
Něco na posilnění! 😅prima+
zhlédnutí 171K
Throwing Swords From My Blue Cybertruck00:32Throwing Swords From My Blue Cybertruck
Throwing Swords From My Blue CybertruckMini Katana
zhlédnutí 11M
KONEC PRÁZDNIN…00:50KONEC PRÁZDNIN…
KONEC PRÁZDNIN…Attack
zhlédnutí 416K
Introduction to Fuzzing1:42:28Introduction to Fuzzing
Introduction to FuzzingOff By One Security
zhlédnutí 3,1K
Binary Ninja Sidekick: Reverse Engineering Malware with Large Language Models19:39Binary Ninja Sidekick: Reverse Engineering Malware with Large Language Models
Binary Ninja Sidekick: Reverse Engineering Malware with Large Language ModelsInvoke RE
zhlédnutí 1,1K
Needles Without The Thread: Threadless Process Injection - Ceri Coburn27:49Needles Without The Thread: Threadless Process Injection - Ceri Coburn
Needles Without The Thread: Threadless Process Injection - Ceri CoburnBsides Cymru
zhlédnutí 2,3K
Windows Red Team - Dynamic Shellcode Injection & PowerShell Obfuscation36:54Windows Red Team - Dynamic Shellcode Injection & PowerShell Obfuscation
Windows Red Team - Dynamic Shellcode Injection & PowerShell ObfuscationHackerSploit
zhlédnutí 26K
Buffer Overflow Hacking Tutorial (Bypass Passwords)55:39Buffer Overflow Hacking Tutorial (Bypass Passwords)
Buffer Overflow Hacking Tutorial (Bypass Passwords)David Bombal
zhlédnutí 73K
Malware development 101: Creating your first ever MALWARE28:00Malware development 101: Creating your first ever MALWARE
Malware development 101: Creating your first ever MALWARELeet Cipher
zhlédnutí 332K
Ask me anything... Let's talk about anything to do with security... Random guests welcome...1:30:09Ask me anything... Let's talk about anything to do with security... Random guests welcome...
Ask me anything... Let's talk about anything to do with security... Random guests welcome...Off By One Security
zhlédnutí 1,1K
The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools35:22The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools
The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread PoolsBlack Hat
zhlédnutí 2,7K
NSA Releases Internal 1982 Lecture by Computing Pioneer Rear Admiral Grace Hopper1:29:36NSA Releases Internal 1982 Lecture by Computing Pioneer Rear Admiral Grace Hopper
NSA Releases Internal 1982 Lecture by Computing Pioneer Rear Admiral Grace HopperThe Black Vault Originals
zhlédnutí 128K
鱿鱼游戏谁能坚持到最后呢!#火影忍者 #佐助 #家庭00:47鱿鱼游戏谁能坚持到最后呢!#火影忍者 #佐助 #家庭
鱿鱼游戏谁能坚持到最后呢!#火影忍者 #佐助 #家庭火影忍者一家
zhlédnutí 18M
Jason Statham Nearly Drowned Mid-Scene00:45Jason Statham Nearly Drowned Mid-Scene
Jason Statham Nearly Drowned Mid-SceneViralvault
zhlédnutí 4,5M
Lauberová Zase Hodila Hov*a!💩00:27Lauberová Zase Hodila Hov*a!💩
Lauberová Zase Hodila Hov*a!💩MGFitman
zhlédnutí 87K
Robbery #shorts #starman #starmanmeme #fyp #trending #shortsfeed00:20Robbery #shorts #starman #starmanmeme #fyp #trending #shortsfeed
Robbery #shorts #starman #starmanmeme #fyp #trending #shortsfeedAI Imagine Art
zhlédnutí 15M
which one is correct? #shorts #deadpool00:12which one is correct? #shorts #deadpool
which one is correct? #shorts #deadpoolARToonz
zhlédnutí 46M
Cristiano Ronaldo Surpassed Me! #shorts00:17Cristiano Ronaldo Surpassed Me! #shorts
Cristiano Ronaldo Surpassed Me! #shortsPANDA BOI
zhlédnutí 13M
Ping Pong Trick Shot! (7 Nation Army)00:26Ping Pong Trick Shot! (7 Nation Army)
Ping Pong Trick Shot! (7 Nation Army)Landen Purifoy
zhlédnutí 25M
Instant Karma in Armwrestling #armwrestling #motivation #karma #edit #shorts00:28Instant Karma in Armwrestling #armwrestling #motivation #karma #edit #shorts
Instant Karma in Armwrestling #armwrestling #motivation #karma #edit #shortsarmwrestlingmutants
zhlédnutí 86M