Process Injection
2024-08-06
Process Injection is a method of executing arbitrary code into the address space of a separate running process.
Process Injection can be carried out in a multitude of ways and is commonly used by malware as a persistence mechanism.
Process Injection isn’t always malicious. Many benign applications may inject code into running processes to add functionality, enhance, or for troubleshooting purposes.
Linux Persistence: Modular Software
2025-04-17 DFIR CTF persistence linux persistence apache asterisk
Linux Persistence: Web Shells
2025-04-16 DFIR persistence webshell linux persistence webshell apache nginx PHP
Linux Persistence: Rootkits
2025-04-15 DFIR persistence rootkit LKM linux persistence LKM rootkit LD_PRELOAD kprobe ftrace ld.so hooking
Defanging Linux LKM Rootkits With cleanup_module()
2025-04-05 Linux LKM rootkits EDR hooks incident response Linux LKM rootkit