Process Injection - Reflective DLL Injection
Offensive C++ - Process Injection - DLL Injection
Process Injection - DLL Injection DLL Injection is a kind of process injection technique, but unlike loading shellcode into a running process, DLL Injection involves injecting and loading a malicio...
Offensive C++ - Process Injection (ShellCode) - QueueUserAPC
Process Injection (ShellCode) - QueueUserAPC APC (Asynchronous Procedure Call) on Windows involves threads having APC queues for functions that execute only under specific thread conditions. When ...
Offensive C++ - Process Injection (ShellCode)
Process Injection - Shellcode In this blog, we are going to discuss how we can perform a generic shellcode injection inside a running process and the functions needed to do it. Generally, shellco...
Offensive C++ - Process Injection
Process Injection It is a technique to inject malicious code (in any form, e.g. shellcode or DLLs) into a legitimate process. It executes the code in the address space of the running process ...
Offensive C++ - Process Modules Enumeration
Module Enumeration We have already discussed different ways to enumerate processes, and one additional enumeration crucial for offensive programming is the enumeration of modules inside processes. ...
Offensive C++ - Process Enumeration (The Native NtQuerySystemInformation)
Native APIs Most of the time, when we develop code to interact with the Windows API, we use the Kernel32 library, which includes thousands of documented Windows APIs. However, the Windows system co...
Offensive C++ - Process Enumeration (EnumProcess Function)
EnumProcess Function Windows also contains the additional API EnumProcesses to gather the process IDs for every running process in the system. It is one of the simplest and easiest functions to gat...
Offensive C++ - Process Enumeration (Windows Terminal Services API)
Windows Terminal Services - WTS API Windows also contains the WTSEnumerateProcessesExW function to gather information about currently active processes on the remote session via RDP or Virtualization. It...
Offensive C++ - Process Enumeration (ToolHelp32 Function)
This blog assumes that the reader has a general knowledge of C++ and system internals. For an initial overview, you can refer to this blog. However, it is still under development. Process Enumerat...