Weaponizing Mapping Injection with Instrumentation Callback for stealthier process injection
I'm going to release and detail a stealthy process injection technique that uses a combination of two functions to achieve allocation primitive (that i have already described some time ago) CreateFileMapping() and MapViewOfFile2() ( well i have made some updates to use a stealthier version called MapViewOfFile3() ) and chain a very powerful execution primitive through the call NtSetInformationProcess().
https://splintercod3.blogspot.com/p/weaponizing-mapping-injection-with.html
#windows #injection #bypass #evasion #redteaming
I'm going to release and detail a stealthy process injection technique that uses a combination of two functions to achieve allocation primitive (that i have already described some time ago) CreateFileMapping() and MapViewOfFile2() ( well i have made some updates to use a stealthier version called MapViewOfFile3() ) and chain a very powerful execution primitive through the call NtSetInformationProcess().
https://splintercod3.blogspot.com/p/weaponizing-mapping-injection-with.html
#windows #injection #bypass #evasion #redteaming