Specialized Malware: Code Injection
Designed for aspiring malware analysts and exploit developers, this course caters to individuals interested in the exploitation of the Win32 APIs to inject shellcode into remote processes.
What you'll learn
Understanding code injection in Windows and analyzing indicators of compromise (IOCs) is crucial for cybersecurity professionals aiming to defend against sophisticated attacks. In this course, Specialized Malware: Code Injection, you’ll learn to understand how hackers develop code injection exploits by using the Win32 APIs to inject code into the virtual memory of a remote process and trigger thread creation to run the code. You will be introduced to the tools you can use to extract IOCs from memory for analysis. First, you’ll explore the anatomy of code injection in the Windows operating system, gaining a comprehensive understanding of how these exploits operate at a fundamental level. Next, you’ll discover DLL Injection, including reflective injection, and learn how attackers use these methods to inject malicious code stealthily. Finally, you’ll learn advanced code injection techniques such as process hollowing, which allows malware to masquerade as legitimate processes. When you’re finished with this course, you’ll have the skills and knowledge of code injection needed to understand, develop, and analyze sophisticated code injection exploits, as well as extract valuable IOCs from memory for in-depth analysis.
Table of contents
About the author
John Tear is a seasoned offensive security specialist with over two decades of dedicated experience in the field of IT security and 7 years in cybersecurity. Possessing the coveted OSCE3 certification, John is a recognized authority in the UK civil nuclear sector at identifying vulnerabilities, exploiting those vulnerabilities, and helping defenders to protect their infrastructure.