This is an overview to all common process injection techniques used by malware, including AtomBombing, Process Hollowing aka RunPE, Process Doppelgänging. Buy me a coffee: ko-fi.com/struppigel Follow me on Twitter: twitter.com/struppigel My process Injection overview infographic: struppigel.blogspot.com/2017/07/process-injection-info-graphic.html Process Injection Techniques Gotta Catch Them All: i.blackhat.com/USA-19/Thursday/us-19-Kotler-Process-Injection-Techniques-Gotta-Catch-Them-All.pdf Atom bombing: www.fortinet.com/blog/threat-research/atombombing-brand-new-code-injection-technique-for-windows Atom bombing: www.enisa.europa.eu/publications/info-notes/atombombing-2013-a-new-code-injection-attack Process Doppelgänging: hshrzd.wordpress.com/2017/12/18/process-doppelganging-a-new-way-to-impersonate-a-process/ Hasherezade's video on creating the illusion of executing a TXT file: kzbin.info/www/bejne/jp66gJ1jmMucrtU DLL injection en.wikipedia.org/wiki/DLL_injection DLL Injection via LoadLibrary/CreateRemoteThread: www.codeproject.com/Articles/4610/Three-Ways-to-Inject-Your-Code-into-Another-Proces DLL Search Order Hijacking (DLL injection that is not process injection): dmcxblue.gitbook.io/red-team-notes/persistence/dll-search-order-hijacking Backdooring PE files with shellcode (code injection that is not process injection): www.ired.team/offensive-security/code-injection-process-injection/backdooring-portable-executables-pe-with-shellcode

This is a fantastic diagram for explaining how things work, I wish I had though of this! I really like these new "explainer" videos you have been doing with deep dives into each topic : )

This video covers only the surface - throughout the past months my mind has opened to so many new techniques that you would never imagine.

Good job, the visual parts and the explanations were so helpful. 🙏

This is such a wonderful work and an awesome explanation. Thanks for this!!

Such as great explanation with sort of API's in easy way. great effort.. "claps" for your work

u use c or c++ ?

I'm currently learning a bit about Win32 Programming and I find it hilarious that all these injection types have dedicated functions to execute them, I always thought you'd have to do a lot of trickery to do something like that. Also, is there no windows built-in security check that prevents you from easily writing to another processes' memory? Or is that only done by AV's?

It's a shame there's no discord in the description, I know a couple more ways to do process injection that I would be happy to share with you! (Some don't even require a handle) All in all it's a really good video and way to explain them, I'm impressed by your research as I did the same.. Nice video as always :)

very well explained

What is the stealthiest process injection method in you opinion? (Even the ones not included in this video) Thx!

Awesome video. I still have one or two questions. You'll have to explain it to me at the next meeting :-)

very good video, thank you

What about stack bombing and herpaderping

Wow. This is amazing! Thanks for making this :)

Now I feel so stupid, nice video!

Nice explanation 👌👌👌 Need a video on PE file structure

How to remove a rat , heur or backdoors from a sofware or exe.

How can I learn malware analysis

Good video but hard to follow with the hand written notes

Awesome

Thnx bro yoooooooou best

The handwritten text discouraged me from going in more than 2 minutes

No, no no.. horrible squiqles for a diagram.. and you also assumed we already have knowledge about the basic terms.