Code injection is a technique that is becoming increasingly prevalent in attacks and data breaches. Both malware writers and dedicated penetration teams rely on these techniques to bypass defenses and achieve persistence. This course gives comprehensive coverage of code injection techniques and will teach the student how to analyse, reverse engineer and write applications that use code injection. As such, this course is focused on both defensive and offensive techniques as well as development and code analysis.
- The fundamental aspects that make code injection possible.
- A large set of code-injection techniques such as DLL and PE injection, thread hijacking, process hollowing, PowerLoad, AtomBombing and Early Bird.
- Return-oriented programming (ROP).
- Chaining code injections together like APT malware.
Who should attend?
- Malware analysts
- Security researchers
- Threat analysts
- Incident responders
- Red teamers
- Security engineers
- Any others who are interested in how applications can execute throughout the entire system in non-conventional ways.
Good understanding of computer systems and assembly-level reasoning. The course is heavily focused on development, so exposure to C/C++ coding is a benefit, and experience with Windows Internals is recommended.