5. Additional Resources
In addition to the code injection techniques covered in this chapter, security researchers have discovered various other means of injecting code. The following are some of the new code injection techniques, and resources for further reading:
- ATOMBOMBING: BRAND NEW CODE INJECTION FOR WINDOWS:https://blog.ensilo.com/atombombing-brand-new-code-injection-for-windows
- PROPagate:http://www.hexacorn.com/blog/2017/10/26/propagate-a-new-code-injection-trick/
- Process Doppelgänging, by Tal Liberman and Eugene Kogan:https://www.blackhat.com/docs/eu-17/materials/eu-17-Liberman-Lost-In-Transaction-Process-Doppelganging.pdf
- Gargoyle: https://jlospinoso.github.io/security/assembly/c/cpp/developing/software/2017/03/04/gargoyle-memory-analysis-evasion.html
- GHOSTHOOK:https://www.cyberark.com/threat-research-blog/ghosthook-bypassing-patchguard-processor-trace-based-hooking/
In this chapter, we focused mainly on code injection techniques in the user space; similar capabilities are possible in...