Red Teaming Experiments
Red Teaming Experiments
linkedin
github
@spotheplanet
patreon
What is this?
Pinned
Pentesting Cheatsheets
Active Directory & Kerberos Abuse
offensive security
Red Team Infrastructure
Initial Access
Code Execution
Code & Process Injection
CreateRemoteThread Shellcode Injection
DLL Injection
Reflective DLL Injection
Shellcode Reflective DLL Injection
Process Doppelganging
Loading and Executing Shellcode From PE Resources
Process Hollowing and Portable Executable Relocations
APC Queue Code Injection
Early Bird APC Queue Code Injection
Shellcode Execution in a Local Process with QueueUserAPC and NtTestAlert
Shellcode Execution through Fibers
SetWindowHookEx Code Injection
Finding Kernel32 Base and Function Addresses in Shellcode
Executing Shellcode with Inline Assembly in C/C++
Backdooring PE Files with Shellcode
NtCreateSection + NtMapViewOfSection Code Injection
AddressOfEntryPoint Code Injection without VirtualAllocEx RWX
Module Stomping for Shellcode Injection
PE Injection: Executing PEs inside Remote Processes
API Monitoring and Hooking for Offensive Tooling
Windows API Hooking
Import Adress Table (IAT) Hooking
DLL Injection via a Custom .NET Garbage Collector
Injecting .NET Assembly to an Unmanaged Process
Defense Evasion
Enumeration and Discovery
Privilege Escalation
Credential Access & Dumping
Lateral Movement
Persistence
Exfiltration
reversing, forensics & misc
Windows Kernel
Exploring Process Environment Block
ETW: Event Tracing for Windows 101
Parsing PE File Headers with C++
Exploring Injected Threads
Dump Virtual Box Memory
AES Encryption Using Crypto++ .lib in Visual Studio C++
Reversing Password Checking Routine
Powered by GitBook

Code & Process Injection

Here are the articles in this section:
CreateRemoteThread Shellcode Injection
Injecting shellcode into a local process.
DLL Injection
Injecting DLL into a remote process.
Reflective DLL Injection
Loading DLL from memory
Shellcode Reflective DLL Injection
Process Doppelganging
Loading and Executing Shellcode From PE Resources
Process Hollowing and Portable Executable Relocations
Code injection, evasion
APC Queue Code Injection
Early Bird APC Queue Code Injection
Shellcode Execution in a Local Process with QueueUserAPC and NtTestAlert
Shellcode Execution through Fibers
SetWindowHookEx Code Injection
Finding Kernel32 Base and Function Addresses in Shellcode
Executing Shellcode with Inline Assembly in C/C++
Backdooring PE Files with Shellcode
NtCreateSection + NtMapViewOfSection Code Injection
AddressOfEntryPoint Code Injection without VirtualAllocEx RWX
Code Injection
Module Stomping for Shellcode Injection
Code Injection
PE Injection: Executing PEs inside Remote Processes
Code Injection
API Monitoring and Hooking for Offensive Tooling
Windows API Hooking
Import Adress Table (IAT) Hooking
DLL Injection via a Custom .NET Garbage Collector
Injecting .NET Assembly to an Unmanaged Process
Previous
T1216: pubprn.vbs Signed Script Code Execution
Next
CreateRemoteThread Shellcode Injection
Last updated 2 years ago