all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

RemoteTLSCallbackInjection - Utilizing TLS Callbacks To Execute A Payload Without Spawning Any Threads In A Remote Process

Add to bookmarks
April 10, 2024, 12:30 p.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com


This method utilizes TLS callbacks to execute a payload without spawning any threads in a remote process. This method is inspired by Threadless Injection as RemoteTLSCallbackInjection does not invoke any API calls to trigger the injected payload.

Quick Links

Maldev Academy Home

Maldev Academy Syllabus

Related Maldev Academy Modules

New Module 34: TLS Callbacks For Anti-Debugging

New Module 35: Threadless Injection



Implementation Steps

The PoC follows these steps:

  1. Create a suspended process using the CreateProcessViaWinAPIsW function (i.e. RuntimeBroker.exe).
  2. Fetch …

academy anti-debugging api home injection links payload process threads tls trigger

Visit resource

More from www.kitploit.com / KitPloit - PenTest Tools!

Linux-Smart-Enumeration - Linux Enumeration Tool For Pentesting And CTFs With Verbosity Levels 3 hours ago | www.kitploit.com
ctfs hackthebox linux enumeration linux-smart-enumeration +3
ShellSweep - PowerShell/Python/Lua Tool Designed To Detect Potential Webshell Files In A Specified Directory 1 day, 15 hours ago | www.kitploit.com
Invoke-SessionHunter - Retrieve And Display Information About Active User Sessions On Remote Computers (No Admin … 2 days, 15 hours ago | www.kitploit.com
credentials invoke-sessionhunter localhost registry +1
Subhunter - A Fast Subdomain Takeover Tool 3 days, 15 hours ago | www.kitploit.com
bugbounty bug bounty tools pentesting security tools +3
Hakuin - A Blazing Fast Blind SQL Injection Optimization And Automation Framework 4 days, 2 hours ago | www.kitploit.com
hakuin injection metadata mssql +6
BypassFuzzer - Fuzz 401/403/404 Pages For Bypasses 5 days, 15 hours ago | www.kitploit.com
403 bypass 403 forbidden bugbounty bypassfuzzer +5
PingRAT - Secretly Passes C2 Traffic Through Firewalls Using ICMP Payloads 6 days, 15 hours ago | www.kitploit.com
firewall bypass fud rat hacking tools penetration testing +3
LOLSpoof - An Interactive Shell To Spoof Some LOLBins Command Line 1 week ago | www.kitploit.com
call clear command command line +15
SQLMC - Check All Urls Of A Domain For SQL Injections 1 week, 1 day ago | www.kitploit.com
pentesting pentest tool python3 sqlinjection +1

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Consultant Sécurité SI Gouvernance - Risques - Conformité H/F - Strasbourg

@ Hifield | Strasbourg, France
View on infosec-jobs.com

Lead Security Specialist

@ KBR, Inc. | USA, Dallas, 8121 Lemmon Ave, Suite 550, Texas
View on infosec-jobs.com

Consultant SOC / CERT H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com