Advanced Process Injection Techniques

Описание: "Advanced Process Injection Techniques" is a hands-on workshop focused on providing candidates insights about the APT tactics & techniques on the privilege escalation & persistence phase. This workshop is a quick deep-dive into the Microsoft windows world of process, memory and internals. There are 7 hands-on labs focused on host-level injection techniques, the candidates will learn how to develop custom trade-craft that stealthily input implants and escalate privileges.

The workshop outline are as follows :

1) PE Basics (10 minutes) 2) 7 Process Injection Labs (2 hr : 50 minutes) - APC Code Injection (25 min) - Module Stomping (25 min) - Process Hollowing (15 min) - Process Doppelganging (30 min) - Transacted Hollowing (20 min) - Process Herpaderping (20 min) - Process Ghosting (10 min)

The lab content / lab material are listed here : https://github.com/RedTeamOperations/...

For any feedback / clarifications please contact [email protected]

Pre-requisites/assumed knowledge:
Intermediate to Advanced level knowledge is required.

1) Familiarity with windows internals (but not mandatory) 2) PE basics (but now mandatory)

Participants should prepare by:
The details are mentioned here : https://docs.google.com/document/d/1b...

Participants must have the following equipment:
The details are mentioned here : https://docs.google.com/document/d/1b...