Red Teaming Experiments
Red Teaming Experiments
linkedin
github
@kondencuotas
About /?
Pinned
Pentesting Cheatsheets
Active Directory & Kerberos Abuse
offensive security
Red Team Infrastructure
Initial Access
Code Execution
Code & Process Injection
CreateRemoteThread Shellcode Injection
DLL Injection
Reflective DLL Injection
Shellcode Reflective DLL Injection
Process Doppelganging
Loading and Executing Shellcode From PE Resources
T1093: Process Hollowing and Portable Executable Relocations
APC Queue Code Injection
Early Bird APC Queue Code Injection
Shellcode Execution in a Local Process with QueueUserAPC and NtTestAlert
SetWindowHookEx Code Injection
Finding Kernel32 Base and Function Addresses in Shellcode
Executing Shellcode with Inline Assembly in C/C++
Backdooring PE Files with Shellcode
NtCreateSection + NtMapViewOfSection Code Injection
Windows API Hooking
Defense Evasion
Enumeration and Discovery
Privilege Escalation
Credential Access & Dumping
Lateral Movement
Persistence
Exfiltration
miscellaneous
Process Environment Block
Parsing PE File Headers with C++
Exploring Injected Threads
Dump Virtual Box Memory
AES Encryption Using Crypto++ .lib in Visual Studio C++
Reversing Password Checking Routine
Powered by GitBook

Code & Process Injection

Here are the articles in this section:
CreateRemoteThread Shellcode Injection
Injecting shellcode into a local process.
DLL Injection
Injecting DLL into a remote process.
Reflective DLL Injection
Loading DLL from memory rather than disk.
Shellcode Reflective DLL Injection
Process Doppelganging
Loading and Executing Shellcode From PE Resources
T1093: Process Hollowing and Portable Executable Relocations
Code injection, evasion
APC Queue Code Injection
Early Bird APC Queue Code Injection
Shellcode Execution in a Local Process with QueueUserAPC and NtTestAlert
SetWindowHookEx Code Injection
Finding Kernel32 Base and Function Addresses in Shellcode
Executing Shellcode with Inline Assembly in C/C++
Backdooring PE Files with Shellcode
NtCreateSection + NtMapViewOfSection Code Injection
Windows API Hooking
Previous
T1216: pubprn.vbs Signed Script Code Execution
Next
CreateRemoteThread Shellcode Injection
Last updated -1