PwC安全技术小组
  • PwC安全技术小组须知
  • 技术
    • 技术 - Web安全测试技术点
      • XS-Search
      • XSSI (Cross-Site Script Inclusion)
      • XSS (Cross Site Scripting)
        • PDF Injection
        • DOM XSS
        • Server Side XSS (Dynamic PDF)
        • XSS Tools
      • XXE - XEE - XML External Entity
      • XSLT Server Side Injection (Extensible Stylesheet Languaje Transformations)
      • XPATH injection
      • Web Tool - WFuzz
      • Unicode Normalization vulnerability
      • SSTI (Server Side Template Injection)
      • SSRF (Server Side Request Forgery)
      • SQL Injection
        • MSSQL Injection
        • Oracle injection
        • PostgreSQL injection
          • dblink/lo_import data exfiltration
          • PL/pgSQL Password Bruteforce
          • Network - Privesc, Port Scanner and NTLM chanllenge response disclosure
          • Big Binary Files Upload (PostgreSQL)
          • RCE with PostgreSQL Extensions
        • MySQL injection
          • Mysql SSRF
        • SQLMap - Cheetsheat
        • sqlmap
          • Second Order Injection - SQLMap
      • Reset/Forgotten Password Bypass
      • Regular expression Denial of Service - ReDoS
      • Rate Limit Bypass
      • Race Condition
      • PostMessage Vulnerabilities
      • Parameter Pollution
      • OAuth to Account takeover
      • LDAP Injection
      • NoSQL injection
      • JWT Vulnerabilities (Json Web Tokens)
      • IDOR
      • HTTP Request Smuggling / HTTP Desync Attack
      • Formula Injection
      • File Upload
        • PDF Upload - XXE and CORS bypass
      • File Inclusion/Path traversal
        • phar:// deserialization
        • LFI - Linux List
      • Email Header Injection
      • Deserialization
        • Java JSF ViewState (.faces) Deserialization
        • NodeJS - __proto__ & prototype Pollution
        • Basic Java Deserialization (ObjectInputStream, readObject)
        • Java DNS Deserialization, GadgetProbe and Java Deserialization Scanner
        • CommonsCollection1 Payload - Java Transformers to Rutime exec() and Thread Sleep
        • Basic .Net deserialization (ObjectDataProvider gadget, ExpandedWrapper, and Json.Net)
        • Exploiting __VIEWSTATE knowing the secrets
        • Exploiting __VIEWSTATE without knowing the secrets
      • Domain/Subdomain takeover
      • CSRF (Cross Site Request Forgery)
      • Dangling Markup - HTML scriptless injection
      • CRLF (%0D%0A) Injection
      • Cross-site WebSocket hijacking (CSWSH)
      • CORS - Misconfigurations & Bypass
      • Cookies Hacking
      • Content Security Policy (CSP) Bypass
      • Client Side Template Injection (CSTI)
      • Command Injection
      • Clickjacking
      • Cache Poisoning and Cache Deception
      • Captcha Bypass
      • Bypass Payment Process
      • Abusing hop-by-hop headers
      • 2FA/OTP Bypass
    • 技术 - 安全开发知识库
      • 代码审计
        • Cobra安装与使用
        • 智能合约代码审计
        • FindSecBugs安装与使用
        • SonarQube踩坑记
        • SonarQube安装与使用
      • 移动安全
        • 移动安全扫描
        • 移动安全工具
      • 安全开发
        • API网关
        • API网关设计
      • 安全防护
        • 全站https
        • waf
        • waf
        • waf
      • 安全测试
        • API安全测试
        • APP安全测试
        • 安全测试checklist
        • DAST&SAST&IAST
        • tools-skills
          • APP脱壳技巧
          • https抓包
          • 抓包技巧
          • 信息泄漏漏洞利用
          • Web安全工具
      • 漏洞管理
    • 技术 - 红队攻击手段介绍
      • offensive-security-experiments
        • Active Directory & Kerberos Abuse
        • Pentesting Cheatsheets
        • active-directory-kerberos-abuse
          • From Domain Admin to Enterprise Admin
          • Kerberoasting
          • Kerberos: Golden Tickets
          • Kerberos: Silver Tickets
          • AS-REP Roasting
          • Kerberoasting: Requesting RC4 Encrypted TGS when AES is Enabled
          • Kerberos Unconstrained Delegation
          • Kerberos Constrained Delegation
          • Kerberos Resource-based Constrained Delegation: Computer Object Take Over
          • Domain Compromise via DC Print Server and Kerberos Delegation
      • offensive-security
        • Red Team Infrastructure
        • Initial Access
        • Code Execution
        • Code & Process Injection
        • Defense Evasion
        • Enumeration and Discovery
        • Privilege Escalation
        • Credential Access & Dumping
        • Lateral Movement
        • Persistence
        • Exfiltration
      • miscellaneous-reversing-forensics
        • Windows / OS Internals
        • Cloud
        • Neo4j
        • Dump Virtual Box Memory
        • AES Encryption Using Crypto++ .lib in Visual Studio C++
        • Reversing Password Checking Routine
  • 工具
    • 工具 - BloodHound基础使用
    • 工具 - CobaltStrike基础使用
      • 目录
      • Cobalt Strike简介
      • Cobalt Strike基本使用
      • Cobalt Strike Beacon命令
      • Cobalt Strike脚本使用
      • Cobalt Strike脚本编写
      • Cobalt Strike扩展
      • Cobalt Strike原理介绍
        • 介绍
        • Payload生成分析
      • Cobalt Strike攻击防御
      • 说明
      • cobalt-strikejiao-ben-bian-xie
        • COM劫持利用脚本编写
        • aggressor-script文档翻译
        • ArtifactPayloadGenerator.cna脚本bug修复
        • TODO
      • cobalt-strikeji-ben-shi-yong
        • 界面功能介绍
        • CS4.0功能演示
        • 监听器(Listener)
      • cobalt-strikekuo-zhan
        • Malleable C2
        • External C2
        • CS证书相关
        • CS Beacon和监听器
        • 转发重定向
        • CDN代理转发
        • CDN与转发器
        • CS部分功能启用
        • CS检测工具CobaltStrikeScan绕过
        • 联动Core impact
由 GitBook 提供支持
在本页

这有帮助吗?

  1. 技术
  2. 技术 - 红队攻击手段介绍
  3. offensive-security

Code & Process Injection

上一页Code Execution下一页Defense Evasion

最后更新于4年前

这有帮助吗?

Here are the articles in this section:

CreateRemoteThread Shellcode InjectionInjecting shellcode into a local process.
DLL InjectionInjecting DLL into a remote process.
Reflective DLL InjectionLoading DLL from memory
Shellcode Reflective DLL Injection
Process Doppelganging
Loading and Executing Shellcode From PE Resources
Process Hollowing and Portable Executable RelocationsCode injection, evasion
APC Queue Code Injection
Early Bird APC Queue Code Injection
Shellcode Execution in a Local Process with QueueUserAPC and NtTestAlert
Shellcode Execution through Fibers
Shellcode Execution via CreateThreadpoolWait
Local Shellcode Execution without Windows APIs
Injecting to Remote Process via Thread Hijacking
SetWindowHookEx Code Injection
Finding Kernel32 Base and Function Addresses in Shellcode
Executing Shellcode with Inline Assembly in C/C++
Writing Custom Shellcode Encoders and Decoders
Backdooring PE Files with Shellcode
NtCreateSection + NtMapViewOfSection Code Injection
AddressOfEntryPoint Code Injection without VirtualAllocEx RWXCode Injection
Module Stomping for Shellcode InjectionCode Injection
PE Injection: Executing PEs inside Remote ProcessesCode Injection
API Monitoring and Hooking for Offensive Tooling
Windows API Hooking
Import Adress Table (IAT) Hooking
DLL Injection via a Custom .NET Garbage Collector
Writing and Compiling Shellcode in C
Injecting .NET Assembly to an Unmanaged Process