Windows Internal Cobalt Strike Process Injection Discussing the various methods that Cobalt Strike uses to perform process injection
Penetration Test From Default Printer Credentials to Domain Admin Looking at pass-back attacks and how to exploit trust relationships between devices that are generally considered benign
Windows Internal Dynamically Retrieving System Call (syscall) Leveraging PTEs Locate the instantiated PTE by leaking the base address, then use a read primitive to dynamically retrieve the syscall ID
Windows Internal Direct System Call (syscall) Process Injection to Avoid Anti-Kill Quick n’ Dirty syscall process injection