nganhkhoa/mether049-malware
1
0
Fork 0
mirror of https://github.com/nganhkhoa/malware.git synced 2024-06-10 21:32:07 +07:00
Code Issues Projects Releases Wiki Activity

Update malware-tech_ref_and_memo.md

Browse Source
This commit is contained in:
mether049 2020-07-31 19:38:27 +09:00 committed by GitHub
parent 10724e73a7
commit 731ea213f4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
malware-tech_ref_and_memo.md
View File

@ -18,6 +18,8 @@
[Ten Process Injection Techniques: A Technical Survey Of Common And Trending Process Injection Techniques](https://www.endgame.com/blog/technical-blog/ten-process-injection-techniques-technical-survey-common-and-trending-process) [Ten Process Injection Techniques: A Technical Survey Of Common And Trending Process Injection Techniques](https://www.endgame.com/blog/technical-blog/ten-process-injection-techniques-technical-survey-common-and-trending-process)
- プログラムベースの説明<br> - プログラムベースの説明<br>
[Code & Process Injection,Red Teaming Experiments](https://ired.team/offensive-security/code-injection-process-injection) [Code & Process Injection,Red Teaming Experiments](https://ired.team/offensive-security/code-injection-process-injection)
- 環境変数とコマンドラインのProcess Injectionへの活用
[Windows Process Injection: Command Line and Environment Variables](https://modexp.wordpress.com/2020/07/31/wpi-cmdline-envar/)
### Dll Injection ### Dll Injection
- 正規プロセス探索->プロセスのハンドル取得->メモリ領域確保->悪性DLL注入->実行 - 正規プロセス探索->プロセスのハンドル取得->メモリ領域確保->悪性DLL注入->実行