Process Injection - Reflective DLL Injection

Process Injection - DLL Injection DLL Injection is a kind of process injection techniques but unlike loading shellcode into a running process, DLL Injection involves injecting and loading a malicio...

Process Injection (ShellCode) - QueueUserAPC APC (Asynchronous Procedure Call) on Windows involves threads having APC queues for functions that execute only under specific thread conditions. When ...

Process Injection - Shellcode In this blog, we are going to discuss how we can perform a generic shellcode injection inside a running process and the functions needed to do it. Generally, shellco...

Process Injection It is a technique to inject malicious code (can be on any form, ex shellcode, DLLs) into the legitimate process. It executes the code in the address space of the running process ...

Module Enumeration We have already discussed different ways to enumerate processes, and one additional enumeration crucial for offensive programming is the enumeration of modules inside processes. ...

Native APIs Most of the time, when we develop code to interact with the Windows API, we use the Kernel32 library, which includes thousands of documented Windows APIs. However, the Windows system co...

EnumProcess Function Windows also contains the additional API EnumProcesses to gather the process IDs for every running process in the system. It is one of the simplest and easiest functions to gat...

Windows Terminal Services - WTS API Windows also contains WTSEnumerateProcessesExW function to gather inforamtion about currently active processes on the remote session via RDP or Virualization. It...

This blog assumes that the reader has a general knowledge of C++ and system internals. For an initial overview, you can refer to this blog. However, it is still under development. Process Enumerat...