Understanding Process Injection

Process injection is a technique used by attackers to inject malicious code into the memory space of a running process. Unlike process hollowing, which replaces the entire executable image of a process, process injection allows the attacker to run their payload within an existing process without altering its main execution flow. This technique is widely

Understanding Process Hollowing

Process hollowing is a stealthy technique used in malware development where an attacker starts a legitimate process and then replaces its executable code with malicious code. This allows the attacker to run their payload while maintaining the illusion that a trusted application is running. To understand how this works, we need to look at how

AMSI

Introduction to the Windows Antimalware Scan Interface (AMSI) and Implementation of a POC in C++