In my previous post “Code injection on Windows using Python: a simple example”, I explored the ctypes Python library and the use of the Windows API to perform code injection on 32-bit systems.
All tests were performed using shellcodes generated by Metasploit or found in some online repository. I asked myself:
“Is it possible to generate the shellcode directly in my Python script?”
Continue reading “pycodeinjector: a simple python Code Injection library”
Recently I had to perform some comparative tests on a couple of whitelisting solutions.
One of the crucial steps of the test was checking the proper functioning of the memory monitoring feature, useful in case of process injection: in fact, once a trusted process has been started, an attacker may use it as a vector to inject malicious code.
In order to perform this check, I decided to write a little PoC for 32-bit systems dedicated to this test.
Continue reading “Code injection on Windows using Python: a simple example”
DLLs (dynamic-link libraries) are Microsoft’s implementation of the shared library concept and provide a mechanism for sharing code and data, allowing a developer of shared code/data to upgrade functionality without requiring applications to be re-linked or re-compiled.
Continue reading “What is Reflective DLL Injection and how can be detected?”