Code injection on Windows using Python: a simple example

Recently i had to perform some comparative tests on a couple of whitelisting solutions.

One of the crucial step of the test was the proper functioning of memory monitoring feature, useful in case of process injection: infact, when a trusted process has been started, an attacker may use it as vector for inject a malicious code.

In order to perform this check, i’ve decided to wrote a little PoC for 32bit systems dedicated to this test.

Continue…