다양한 Process Injection

카테고리 없음

다양한 Process Injection

wsoh9812 2022. 3. 31. 20:05

- PROPagate

http://www.hexacorn.com/blog/2017/10/26/propagate-a-new-code-injection-trick/

Hexacorn | Blog PROPagate – a new code injection trick

October 26, 2017 in Anti-*, Code Injection, Compromise Detection, EDR, Incident Response, Malware Analysis, Reversing, Sandboxing Executing code inside a different process space is typically achieved via an injected DLL /system-wide hooks, sideloading, etc

www.hexacorn.com

- FunctionStomping Injection

https://www.ired.team/offensive-security/code-injection-process-injection/modulestomping-dll-hollowing-shellcode-injection

Module Stomping for Shellcode Injection - Red Teaming Experiments

unsigned char shellcode[] =...

www.ired.team

https://rninche01.tistory.com/entry/%EB%8B%A4%EC%96%91%ED%95%9C-%EC%9D%B8%EC%A0%9D%EC%85%98-%EA%B8%B0%EC%88%A0

현재글다양한 Process Injection

NalDrv.sys, 악성코드, Driver Signature Enforcement, 필터드라이버, 악성코드 분석, DLL 하이재킹, Kernel Driver, Atombombing, uacbypass, uac-bypass, uac bypass, lazarus, 윈도우 드라이버, windbg명령어, DLL Hijacking, LAZARUS MALWARE, privilege escalation, 악성코드 분석보고서, hfiref0x, DSE,

Today :
Yesterday :

일	월	화	수	목	금	토
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

내 블로그 - 관리자 홈 전환	`Q` `Q`
새 글 쓰기	`W` `W`

글 수정 (권한 있는 경우)	`E` `E`
댓글 영역으로 이동	`C` `C`

이 페이지의 URL 복사	`S` `S`
맨 위로 이동	`T` `T`
티스토리 홈 이동	`H` `H`
단축키 안내	`Shift` + `/` `⇧` + `/`

악성코드분석소