Malware Theory - Process Injection

This is an overview of common process injection techniques used by malware, including AtomBombing, Process Hollowing aka RunPE, Process Doppelgänging.

Comments

This is an overview of all common process injection techniques used by malware, including AtomBombing, Process Hollowing aka RunPE, Process Doppelgänging.


MalwareAnalysisForHedgehogs

This is a fantastic diagram for explaining how things work, I wish I had thought of this! I really like these new "explainer" videos you have been doing with deep dives into each topic : )

OALABS

This video covers only the surface - throughout the past months my mind has opened to so many new techniques that you would never imagine.

duckydev

Good job, the visual parts and the explanations were so helpful. 🙏

atfghndhri

This is such a wonderful work and an awesome explanation. Thanks for this!!

hariharasudhan

Such a great explanation with sort of APIs in an easy way. Great effort.. "claps" for your work

ashwinkumar

What is the stealthiest process injection method in your opinion? (Even the ones not included in this video)
Thx!

martinheidegger

I'm currently learning a bit about Win32 Programming and I find it hilarious that all these injection types have dedicated functions to execute them, I always thought you'd have to do a lot of trickery to do something like that. Also, is there no Windows built-in security check that prevents you from easily writing to another process's memory? Or is that only done by AVs?

avaze

What about stack bombing and herpaderping

spidertube

It's a shame there's no discord in the description, I know a couple more ways to do process injection that I would be happy to share with you! (Some don't even require a handle)
All in all it's a really good video and way to explain them, I'm impressed by your research as I did the same..
Nice video as always :)

Thomas-bfob

Nice explanation 👌👌👌 Need a video on PE file structure

raghuram

Awesome video. I still have one or two questions. You'll have to explain it to me at the next meeting :-)

marcospill

How to remove a rat, heur or backdoors from a software or exe.

lifeisbeautiful

Good video but hard to follow with the handwritten notes

shaggy

Wow. This is amazing! Thanks for making this :)

xca

The handwritten text discouraged me from going in more than 2 minutes

Ocean

No, no no.. horrible squiggles for a diagram.. and you also assumed we already have knowledge about the basic terms.

SolusArcticWolf