Process Hollowing on Windows 11 24H2 - SharITSec

Process Hollowing (a.k.a. RunPE) is probably the oldest, and the most popular process impersonation technique (it allows to run a malicious executable under the cover of a benign process). It is used in variety of PE loaders, PoCs, and offensive … Continue reading →

Introduction to Malware Binary Triage (IMBT) Course

Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor.

Enroll Now and Save 10%: Coupon Code MWNEWS10

Note: Affiliate link – your enrollment helps support this platform at no extra cost to you.

Article Link: Process Hollowing on Windows 11 24H2 | hasherezade's 1001 nights

1 post - 1 participant

Read full topic

Malware Analysis, News and Indicators - Latest topics