Completed
Hook Mem API in User Space
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Breaking Payloads With Runtime Code Stripping and Image Freezing
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Securing Software (is hard!) Software bugs
- 3 Exploits and Payloads Initial stage gains program counter control
- 4 Loading the Payload
- 5 Breaking the Payload
- 6 Remove unused Functionality
- 7 "Modern" Software
- 8 Adobe Reader DLL Dependencies
- 9 Adobe Reader DLL Usage
- 10 Viber DLL Usage
- 11 Control Flow Graph (CFG)
- 12 Code Stripping: DLL CFGS
- 13 Code Stripping: mark used code
- 14 Code Stripping: remove unused code
- 15 Control Flow Recovery
- 16 Control Flow Graph Recovery
- 17 Kill Files
- 18 Kill Node (example 1)
- 19 DLL Injection
- 20 DLL Preloading . Strip code from dynamically loaded DLLS
- 21 Image Freezing
- 22 Hook Mem API in User Space
- 23 Function Whitelisting Static analysis is not sufficient
- 24 Whitelisting Functions...
- 25 CodeFreeze at Runtime
- 26 DemoServer.exe: Memory Overhead Unprotected
- 27 CodeFreeze Advantages
- 28 Current Limitations
- 29 Future Work: CFG from the Compiler