Detecting (un)Intentionally Hidden Injected Code by Examining Page Table Entries

Дата: 18.03.2020. Автор: CISO CLUB. Категории: Подкасты и видео по информационной безопасности

In this talk, we will cover hiding techniques that prevent executable pages (containing injected code) from being reported by current memory forensic plugins. These techniques can either be implemented by malware in order to hide its injected code (as already observed) or can, in one case, unintentionally be taken care of by the operating system through its paging mechanism.

By Frank Block

Full Abstract & Presentation Materials: https://www.blackhat.com/eu-19/briefings/schedule/#detecting-unintentionally-hidden-injected-code-by-examining-page-table-entries-17856

CISO CLUB

Об авторе CISO CLUB

Редакция портала cisoclub.ru. Добавляйте ваш материал на сайт в разделе "Разместить публикацию".
Читать все записи автора CISO CLUB

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *