About this Event
Whether you’re trying to keep your shell alive or trying to catch and stop the shells, process injection is something you will have to deal with. In this training, the instructors will start with the fundamentals of process injection and increase in complexity as the class moves forward.
The class covers a wide variety of topics, techniques and strategies in order to help attendees come in with possibly no experience in injection methods but leave feeling confident in their ability to work with these techniques once the class ends.
There’s a lot to cover in this category. Instructors will walk you through the basics and fundamentals required to understand later concepts, loading DLLs from disk, operating in-memory, injecting into remote processes, many “branded” techniques (e.g. PROPagate), wrestling with pesky defensive solutions like EDR, and so much more.
All materials in this class are available for students to take with them. Slides, code, everything.
The Pwntario Team
2 days of training. 4 hours per day.
The virtual doors will open Saturday at 9:30 am for anyone who needs any last-minute help with the installation or configuration of Windows 10. The training will start at 10:00 am and go until 2:00 pm with a couple of breaks. At 2:00 pm the class will break for the day (but there may be some opportunity to just hang).
On Sunday we will reconvene at 9:30 am, and class will start at 10:00 am. It will again go until 2:00 pm with breaks, and draw to a close. You can continue enjoying the remainder of the conference.
Links and training information will be emailed to all training participants before Saturday.
While this training is for everyone, it is at an intermediate level. Whether you are on defense or offense, process injection is something you will encounter over and over again. For offensive attendees, injection can be a make-it-or-break-it moment. Stop hoping $tool has you covered and learn the inner workings for yourself. For defensive attendees, injection is often meant to be evasive and subversive. Blue team should likewise stop hoping $vendor has you covered and come discover each moving piece in the injection techniques covered throughout this training.