Explore new process injection techniques using Windows thread pools in this 35-minute Black Hat conference talk. Dive into the internals of the Windows user-mode thread pool, a component often overlooked by security researchers. Learn about the thread pool architecture, work item queuing mechanism, and execution process managed by the scheduler. Discover innovative approaches to process injection that leverage the thread pool's unique characteristics. Gain insights from speaker Alon Leviev's research and findings on this unexplored attack surface.
New Process Injection Techniques Using Windows Thread Pools
Overview
Syllabus
The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools
Taught by
Black Hat
