Windows process spoofing tricks

Video description: Windows process spoofing tricks

In this video we see how to spoof a process's command-line arguments and parent process, and how to detect both techniques.

References
~~~~~~~~~~~~~~
That Is Not My Child Process!
https://blog.didierstevens.com/2017/0...

Detecting Parent PID Spoofing with ETW
https://blog.f-secure.com/detecting-p...

Building an Office macro to spoof parent processes and command line arguments
https://blog.christophetd.fr/building...

How to Argue like Cobalt Strike
https://blog.xpnsec.com/how-to-argue-...
---------------------------------------------------------------------------------------------------
Follow us on Twitter: reversinghub
GitHub: https://github.com/reversinghub

If you liked this video and want to learn hands-on how to analyse malware, with real samples and practical exercises, find us on Udemy:

https://www.udemy.com/course/reverse-...

---------------------------------------------------------------------------------------------------

Want to support us so we can continue to make great content? Buy us a coffee:
https://ko-fi.com/reversinghub

Thank you 🙏
