This is where I post about interesting things I’m learning or doing, mostly in the realm of cyber security, but also some programming and technology in general. I hope some of it is useful to you.
In this article, we will build upon what we learned in the previous article, “Introduction to Win32 API,” and learn how to inject shellcode into an existing process. Process injection is useful because it allows us to run our malicious code from within a trusted process, making it much more evasive.
If you missed it, you can find the previous article here.
Process Injection

In the last post, we talked about how each process has its own virtual address space.
For my first real post, I am going to explain the basics of processes, threads, handles, and the Win32 API. These concepts are fundamental to learning how to manipulate other running processes in order to establish persistence, evade detection, and much more (i.e. malware).
Processes

What is a process?

Each process is an instance of an executing program that has its own memory space and system resources. These processes are managed by the operating system, which allocates resources and schedules their execution.
I’ve been thinking about starting a blog for a while now and figured it was about time to actually do it, mostly to keep track of the things I learn and share them with others.
I really wanted to avoid bloated content sites such as WordPress and much preferred the idea of a static site. After a little research, I discovered a project called Hugo which offers easy static site generation with posts written in markdown.